2,598 research outputs found
Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm
Dendritic cells are antigen presenting cells that provide a vital link
between the innate and adaptive immune system, providing the initial detection
of pathogenic invaders. Research into this family of cells has revealed that
they perform information fusion which directs immune responses. We have derived
a Dendritic Cell Algorithm based on the functionality of these cells, by
modelling the biological signals and differentiation pathways to build a
control mechanism for an artificial immune system. We present algorithmic
details in addition to experimental results, when the algorithm was applied to
anomaly detection for the detection of port scans. The results show the
Dendritic Cell Algorithm is sucessful at detecting port scans.Comment: 21 pages, 17 figures, Information Fusio
Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm
Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they
perform information fusion which directs immune responses. We have derived a Dendritic Cell Algorithm based on
the functionality of these cells, by modelling the biological signals and differentiation pathways to build a control mechanism for an artificial immune system. We present algorithmic details in addition to experimental results, when the algorithm was applied to anomaly detection for the detection of port scans. The results show the Dendritic Cell Algorithm is successful at detecting port scans
Introducting Dendritic Cells as a Novel Immune-Inspired Algorithm for Anomaly Detection
Dendritic cells are antigen presenting cells that provide a
vital link between the innate and adaptive immune system. Research into this family of cells has revealed that they perform the role of coordinating T-cell based immune responses, both reactive and for generating tolerance. We have derived an algorithm based on the functionality of these cells, and have used the signals and differentiation pathways to build a control mechanism for an artificial immune system. We present our algorithmic details in addition to some preliminary results, where the algorithm was applied for the purpose of anomaly detection. We hope
that this algorithm will eventually become the key component within a large, distributed immune system, based on sound imnological concepts
Dendritic Cells for SYN Scan Detection
Artificial immune systems have previously been applied to the problem of intrusion detection. The aim of this research is to develop an intrusion detection system based on the function of Dendritic Cells (DCs). DCs are antigen presenting cells and key to the activation of the human immune system, behaviour which has been abstracted to form the Dendritic Cell Algorithm (DCA). In algorithmic terms, individual DCs perform multi-sensor data fusion, asynchronously correlating the fused data signals with a secondary data stream. Aggregate output of a population of cells is analysed and forms the basis of an anomaly detection system. In this paper the DCA is applied to the detection of outgoing port scans using TCP SYN packets. Results show that detection can be achieved with the DCA, yet some false positives can be encountered when simultaneously scanning and using other network services. Suggestions are made for using adaptive signals to alleviate this uncovered problem
Dendritic Cell Algorithm with Optimised Parameters using Genetic Algorithm
Intrusion detection systems are developed with the abilities to discriminate between normal and anomalous traffic behaviours. The core challenge in implementing an intrusion detection systems is to determine and stop anomalous traffic behavior precisely before it causes any adverse effects to the network, information systems, or any other hardware and digital assets which forming or in the cyberspace. Inspired by the biological immune system, Dendritic Cell Algorithm (DCA) is a classification algorithm developed for the purpose of anomaly detection based on the danger theory and the functioning of human immune dendritic cells. In its core operation, DCA uses a weighted sum function to derive the output cumulative values from the input signals. The weights used in this function are either derived empirically from the data or defined by users. Due to this, the algorithm opens the doors for users to specify the weights that may not produce optimal result (often accuracy). This paper proposes a weight optimisation approach implemented using the popular stochastic search tool, genetic algorithm. The approach is validated and evaluated using the KDD99 dataset with promising results generated
PCA 4 DCA: The Application Of Principal Component Analysis To The Dendritic Cell Algorithm
As one of the newest members in the field of artificial immune systems (AIS),
the Dendritic Cell Algorithm (DCA) is based on behavioural models of natural
dendritic cells (DCs). Unlike other AIS, the DCA does not rely on training
data, instead domain or expert knowledge is required to predetermine the
mapping between input signals from a particular instance to the three
categories used by the DCA. This data preprocessing phase has received the
criticism of having manually over-?tted the data to the algorithm, which is
undesirable. Therefore, in this paper we have attempted to ascertain if it is
possible to use principal component analysis (PCA) techniques to automatically
categorise input data while still generating useful and accurate classication
results. The integrated system is tested with a biometrics dataset for the
stress recognition of automobile drivers. The experimental results have shown
the application of PCA to the DCA for the purpose of automated data
preprocessing is successful.Comment: 6 pages, 4 figures, 3 tables, (UKCI 2009
An Immune Inspired Approach to Anomaly Detection
The immune system provides a rich metaphor for computer security: anomaly
detection that works in nature should work for machines. However, early
artificial immune system approaches for computer security had only limited
success. Arguably, this was due to these artificial systems being based on too
simplistic a view of the immune system. We present here a second generation
artificial immune system for process anomaly detection. It improves on earlier
systems by having different artificial cell types that process information.
Following detailed information about how to build such second generation
systems, we find that communication between cells types is key to performance.
Through realistic testing and validation we show that second generation
artificial immune systems are capable of anomaly detection beyond generic
system policies. The paper concludes with a discussion and outline of the next
steps in this exciting area of computer security.Comment: 19 pages, 4 tables, 2 figures, Handbook of Research on Information
Security and Assuranc
- …