scholarly journals Towards Bio-Inspired Anomaly Detection Using the Cursory Dendritic Cell Algorithm

Algorithms ◽  
2021 ◽  
Vol 15 (1) ◽  
pp. 1
Author(s):  
Carlos Pinto ◽  
Rui Pinto ◽  
Gil Gonçalves
Keyword(s):  
Dendritic Cell ◽  
Anomaly Detection ◽  
Production Systems ◽  
Detection System ◽  
Artificial Immune Systems ◽  
Object Oriented ◽  
Research Area ◽  
Detection Problem ◽  
Network Intrusion ◽  
Dendritic Cell Algorithm

The autonomous and adaptable identification of anomalies in industrial contexts, particularly in the physical processes of Cyber-Physical Production Systems (CPPS), requires using critical technologies to identify failures correctly. Most of the existing solutions in the anomaly detection research area do not consider such systems’ dynamics. Due to the complexity and multidimensionality of CPPS, a scalable, adaptable, and rapid anomaly detection system is needed, considering the new design specifications of Industry 4.0 solutions. Immune-based models, such as the Dendritic Cell Algorithm (DCA), may provide a rich source of inspiration for detecting anomalies, since the anomaly detection problem in CPPS greatly resembles the functionality of the biological dendritic cells in defending the human body from hazardous pathogens. This paper tackles DCA limitations that may compromise its usage in anomaly detection applications, such as the manual characterization of safe and danger signals, data analysis not suitable for online classification, and the lack of an object-oriented implementation of the algorithm. The proposed approach, the Cursory Dendritic Cell Algorithm (CDCA), is a novel variation of the DCA, developed to be flexible and monitor physical industrial processes continually while detecting anomalies in an online fashion. This work’s contribution is threefold. First, it provides a comprehensive review of Artificial Immune Systems (AIS), focusing on AIS applied to the anomaly detection problem. Then, a new object-oriented architecture for the DCA implementation is described, enabling the modularity and abstraction of the algorithm stages into different classes (modules). Finally, the CDCA for the anomaly detection problem is proposed. The CDCA was successfully validated in two industrial-oriented dataset benchmarks for physical anomaly and network intrusion detection, the Skoltech Anomaly Benchmark (SKAB) and M2M using OPC UA. When compared to other algorithms, the proposed approach exhibits promising classification results. It was placed fourth on the SKAB scoreboard and presented a competitive performance with the incremental Dendritic Cell Algorithm (iDCA).

scholarly journals A New Intrusion Detection System Using the Improved Dendritic Cell Algorithm

2020 ◽  
Author(s):  
Ehsan Farzadnia ◽  
Hossein Shirazi ◽  
Alireza Nowroozi
Keyword(s):  
Dendritic Cells ◽  
Dendritic Cell ◽  
Intrusion Detection ◽  
Detection System ◽  
Binary Classification ◽  
Data Sampling ◽  
Classification Problems ◽  
Peripheral Tissues ◽  
Network Intrusion ◽  
Dendritic Cell Algorithm

Abstract The dendritic cell algorithm (DCA) as one of the emerging evolutionary algorithms is based on the behavior of the specific immune agents, known as dendritic cells (DCs). DCA has several potentially beneficial features for binary classification problems. In this paper, we aim at providing a new version of this immune-inspired mechanism acts as a semi-supervised classifier, which can be a defensive shield in network intrusion detection problem. Till now, no strategy or idea has been adopted on the $Get_{Antigen()}$ function on the detection phase, but random sampling entails the DCA to provide undesirable results in several cycles at each time. This leads to uncertainty. Whereas it must be accomplished by biological behaviors of DCs in peripheral tissues, we have proposed a novel strategy that exactly acts based on its immunological functionalities of dendritic cells. The proposed mechanism focuses on two items: first, to obviate the challenge of needing to have a preordered antigen set for computing danger signal, and the second, to provide a novel immune-inspired idea for nonrandom data sampling. A variable functional migration threshold is also computed cycle by cycle that shows the necessity of the migration threshold flexibility. A significant criterion so-called capability of intrusion detection (CID) is used for tests. All the tests have been performed in a new benchmark dataset named UNSW-NB15. Experimental consequences demonstrate that the present schema as the best version among improved DC algorithms achieves 76.69% CID by 90% accuracy and outperforms its counterpart methods.

scholarly journals Multiresolution dendritic cell algorithm for network anomaly detection

2021 ◽  
Vol 7 ◽  
pp. e749
Author(s):  
David Limon-Cantu ◽  
Vicente Alarcon-Aquino
Keyword(s):  
Information Systems ◽  
Dendritic Cell ◽  
Anomaly Detection ◽  
State Of The Art ◽  
Denial Of Service ◽  
Series Data ◽  
Time Frequency ◽  
Computer Services ◽  
Dendritic Cell Algorithm ◽  
Network Anomaly Detection

Anomaly detection in computer networks is a complex task that requires the distinction of normality and anomaly. Network attack detection in information systems is a constant challenge in computer security research, as information systems provide essential services for enterprises and individuals. The consequences of these attacks could be the access, disclosure, or modification of information, as well as denial of computer services and resources. Intrusion Detection Systems (IDS) are developed as solutions to detect anomalous behavior, such as denial of service, and backdoors. The proposed model was inspired by the behavior of dendritic cells and their interactions with the human immune system, known as Dendritic Cell Algorithm (DCA), and combines the use of Multiresolution Analysis (MRA) Maximal Overlap Discrete Wavelet Transform (MODWT), as well as the segmented deterministic DCA approach (S-dDCA). The proposed approach is a binary classifier that aims to analyze a time-frequency representation of time-series data obtained from high-level network features, in order to classify data as normal or anomalous. The MODWT was used to extract the approximations of two input signal categories at different levels of decomposition, and are used as processing elements for the multi resolution DCA. The model was evaluated using the NSL-KDD, UNSW-NB15, CIC-IDS2017 and CSE-CIC-IDS2018 datasets, containing contemporary network traffic and attacks. The proposed MRA S-dDCA model achieved an accuracy of 97.37%, 99.97%, 99.56%, and 99.75% for the tested datasets, respectively. Comparisons with the DCA and state-of-the-art approaches for network anomaly detection are presented. The proposed approach was able to surpass state-of-the-art approaches with UNSW-NB15 and CSECIC-IDS2018 datasets, whereas the results obtained with the NSL-KDD and CIC-IDS2017 datasets are competitive with machine learning approaches.

scholarly journals Information fusion for anomaly detection with the dendritic cell algorithm

2010 ◽  
Vol 11 (1) ◽  
pp. 21-34 ◽  
Author(s):  
Julie Greensmith ◽  
Uwe Aickelin ◽  
Gianni Tedesco
Keyword(s):  
Dendritic Cell ◽  
Anomaly Detection ◽  
Information Fusion ◽  
Dendritic Cell Algorithm

scholarly journals A Combined Anomaly and Trend Detection System for Industrial Robot Gear Condition Monitoring

2021 ◽  
Vol 11 (21) ◽  
pp. 10403
Author(s):  
Corbinian Nentwich ◽  
Gunther Reinhart
Keyword(s):  
Anomaly Detection ◽  
Condition Monitoring ◽  
Production Systems ◽  
Detection System ◽  
Industrial Robot ◽  
Health Indicators ◽  
Automated System ◽  
Trend Detection ◽  
Detection Methods ◽  
Application Data

Conditions monitoring of industrial robot gears has the potential to increase the productivity of highly automated production systems. The huge amount of health indicators needed to monitor multiple gears of multiple robots requires an automated system for anomaly and trend detection. In this publication, such a system is presented and suitable anomaly detection and trend detection methods for the system are selected based on synthetic and real world industrial application data. A statistical test, namely the Cox-Stuart test, appears to be the most suitable approach for trend detection and the local outlier factor algorithm or the long short-term neural network performs best for anomaly detection in the application of industrial robot gear condition monitoring in the presented experiments.

Sign in / Sign up

Export Citation Format

Share Document