Abstract: A computer security system comprises at least one authorized node constructed and arranged to execute a consensus protocol for validating and verifying a blockchain transaction and to extract at least one of a signature or feature of a detected cyberattack for the blockchain transaction and mining the transaction to a blockchain network; at least one unauthorized node prohibited from executing the consensus protocol and from validating and verifying a blockchain transaction but authorized to retrieve the at least one of the signature or feature from the blockchain network; and a special-purpose processor of the blockchain network that facilitates a distribution of the at least one of signature or feature for cooperative intrusion detection between the at least one authorized node and the at least one unauthorized node.

Abstract: A malicious process detection system comprises a Virtual Machine Introspection (VMI) module that performs an introspection operation on at least one virtual machine; and an Intrusion Detection System (IDS) that communicates with the VW module to generate data that is analyzed by the IDS using a negative selection algorithm (NSA) and that identifies suspicious processes at the VM based on the analyzed data.

Abstract: A computer security system comprises at least one authorized node constructed and arranged to execute a consensus protocol for validating and verifying a blockchain transaction and to extract at least one of a signature or feature of a detected cyberattack for the blockchain transaction and mining the transaction to a blockchain network; at least one unauthorized node prohibited from executing the consensus protocol and from validating and verifying a blockchain transaction but authorized to retrieve the at least one of the signature or feature from the blockchain network; and a special-purpose processor of the blockchain network that facilitates a distribution of the at least one of signature or feature for cooperative intrusion detection between the at least one authorized node and the at least one unauthorized node.

Abstract: A method for detecting intrusion is provided using a combination of two AIS algorithms: Negative Selection Algorithm (NSA) and Dendritic Cell Algorithm (DCA). The method includes the following steps, or some functional subset of these steps: periodic monitoring of a data processing system for anomalous behavior that may indicate the presence of an intruder or an undesirable software; using the NSA for the generation of a population of detectors that are used for detecting anomalies in the monitored system via a matching criterion; using the DCA (which runs in parallel to the NSA) to sample traffic and signals coming in or out of the data processing system; using an aggregation system to combine the individual decisions of the NSA and the DCA to form a single final decision.

Abstract: A method for detecting intrusion is provided using a combination of two AIS algorithms: Negative Selection Algorithm (NSA) and Dendritic Cell Algorithm (DCA). The method includes the following steps, or some functional subset of these steps: periodic monitoring of a data processing system for anomalous behavior that may indicate the presence of an intruder or an undesirable software; using the NSA for the generation of a population of detectors that are used for detecting anomalies in the monitored system via a matching criterion; using the DCA (which runs in parallel to the NSA) to sample traffic and signals coming in or out of the data processing system; using an aggregation system to combine the individual decisions of the NSA and the DCA to form a single final decision.