115 research outputs found
Dendritic Cells for Anomaly Detection
Artificial immune systems, more specifically the negative selection
algorithm, have previously been applied to intrusion detection. The aim of this
research is to develop an intrusion detection system based on a novel concept
in immunology, the Danger Theory. Dendritic Cells (DCs) are antigen presenting
cells and key to the activation of the human signals from the host tissue and
correlate these signals with proteins know as antigens. In algorithmic terms,
individual DCs perform multi-sensor data fusion based on time-windows. The
whole population of DCs asynchronously correlates the fused signals with a
secondary data stream. The behaviour of human DCs is abstracted to form the DC
Algorithm (DCA), which is implemented using an immune inspired framework,
libtissue. This system is used to detect context switching for a basic machine
learning dataset and to detect outgoing portscans in real-time. Experimental
results show a significant difference between an outgoing portscan and normal
traffic.Comment: 8 pages, 10 tables, 4 figures, IEEE Congress on Evolutionary
Computation (CEC2006), Vancouver, Canad
Variance in System Dynamics and Agent Based Modelling Using the SIR Model of Infectious Disease
Classical deterministic simulations of epidemiological processes, such as
those based on System Dynamics, produce a single result based on a fixed set of
input parameters with no variance between simulations. Input parameters are
subsequently modified on these simulations using Monte-Carlo methods, to
understand how changes in the input parameters affect the spread of results for
the simulation. Agent Based simulations are able to produce different output
results on each run based on knowledge of the local interactions of the
underlying agents and without making any changes to the input parameters. In
this paper we compare the influence and effect of variation within these two
distinct simulation paradigms and show that the Agent Based simulation of the
epidemiological SIR (Susceptible, Infectious, and Recovered) model is more
effective at capturing the natural variation within SIR compared to an
equivalent model using System Dynamics with Monte-Carlo simulation. To
demonstrate this effect, the SIR model is implemented using both System
Dynamics (with Monte-Carlo simulation) and Agent Based Modelling based on
previously published empirical data.Comment: Proceedings of the 26th European Conference on Modelling and
Simulation (ECMS), Koblenz, Germany, May 2012, pp 9-15, 201
Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm
Dendritic cells are antigen presenting cells that provide a vital link
between the innate and adaptive immune system, providing the initial detection
of pathogenic invaders. Research into this family of cells has revealed that
they perform information fusion which directs immune responses. We have derived
a Dendritic Cell Algorithm based on the functionality of these cells, by
modelling the biological signals and differentiation pathways to build a
control mechanism for an artificial immune system. We present algorithmic
details in addition to experimental results, when the algorithm was applied to
anomaly detection for the detection of port scans. The results show the
Dendritic Cell Algorithm is sucessful at detecting port scans.Comment: 21 pages, 17 figures, Information Fusio
- …