scholarly journals DeepDCA: Novel Network-Based Detection of IoT Attacks Using Artificial Immune System

2020 ◽  
Vol 10 (6) ◽  
pp. 1909 ◽  
Author(s):  
Sahar Aldhaheri ◽  
Daniyal Alghazzawi ◽  
Li Cheng ◽  
Bander Alzahrani ◽  
Abdullah Al-Barakati
Keyword(s):  
Immune System ◽  
Dendritic Cell ◽  
Adaptive Systems ◽  
Detection System ◽  
False Positive Rate ◽  
Attack Detection ◽  
Signal Extraction ◽  
Artificial Immune ◽  
High Detection Rate ◽  
Dendritic Cell Algorithm

Recently Internet of Things (IoT) attains tremendous popularity, although this promising technology leads to a variety of security obstacles. The conventional solutions do not suit the new dilemmas brought by the IoT ecosystem. Conversely, Artificial Immune Systems (AIS) is intelligent and adaptive systems mimic the human immune system which holds desirable properties for such a dynamic environment and provides an opportunity to improve IoT security. In this work, we develop a novel hybrid Deep Learning and Dendritic Cell Algorithm (DeepDCA) in the context of an Intrusion Detection System (IDS). The framework adopts Dendritic Cell Algorithm (DCA) and Self Normalizing Neural Network (SNN). The aim of this research is to classify IoT intrusion and minimize the false alarm generation. Also, automate and smooth the signal extraction phase which improves the classification performance. The proposed IDS selects the convenient set of features from the IoT-Bot dataset, performs signal categorization using the SNN then use the DCA for classification. The experimentation results show that DeepDCA performed well in detecting the IoT attacks with a high detection rate demonstrating over 98.73% accuracy and low false-positive rate. Also, we compared these results with State-of-the-art techniques, which showed that our model is capable of performing better classification tasks than SVM, NB, KNN, and MLP. We plan to carry out further experiments to verify the framework using a more challenging dataset and make further comparisons with other signal extraction approaches. Also, involve in real-time (online) attack detection.

scholarly journals Towards Bio-Inspired Anomaly Detection Using the Cursory Dendritic Cell Algorithm

Algorithms ◽  
2021 ◽  
Vol 15 (1) ◽  
pp. 1
Author(s):  
Carlos Pinto ◽  
Rui Pinto ◽  
Gil Gonçalves
Keyword(s):  
Dendritic Cell ◽  
Anomaly Detection ◽  
Production Systems ◽  
Detection System ◽  
Artificial Immune Systems ◽  
Object Oriented ◽  
Research Area ◽  
Detection Problem ◽  
Network Intrusion ◽  
Dendritic Cell Algorithm

The autonomous and adaptable identification of anomalies in industrial contexts, particularly in the physical processes of Cyber-Physical Production Systems (CPPS), requires using critical technologies to identify failures correctly. Most of the existing solutions in the anomaly detection research area do not consider such systems’ dynamics. Due to the complexity and multidimensionality of CPPS, a scalable, adaptable, and rapid anomaly detection system is needed, considering the new design specifications of Industry 4.0 solutions. Immune-based models, such as the Dendritic Cell Algorithm (DCA), may provide a rich source of inspiration for detecting anomalies, since the anomaly detection problem in CPPS greatly resembles the functionality of the biological dendritic cells in defending the human body from hazardous pathogens. This paper tackles DCA limitations that may compromise its usage in anomaly detection applications, such as the manual characterization of safe and danger signals, data analysis not suitable for online classification, and the lack of an object-oriented implementation of the algorithm. The proposed approach, the Cursory Dendritic Cell Algorithm (CDCA), is a novel variation of the DCA, developed to be flexible and monitor physical industrial processes continually while detecting anomalies in an online fashion. This work’s contribution is threefold. First, it provides a comprehensive review of Artificial Immune Systems (AIS), focusing on AIS applied to the anomaly detection problem. Then, a new object-oriented architecture for the DCA implementation is described, enabling the modularity and abstraction of the algorithm stages into different classes (modules). Finally, the CDCA for the anomaly detection problem is proposed. The CDCA was successfully validated in two industrial-oriented dataset benchmarks for physical anomaly and network intrusion detection, the Skoltech Anomaly Benchmark (SKAB) and M2M using OPC UA. When compared to other algorithms, the proposed approach exhibits promising classification results. It was placed fourth on the SKAB scoreboard and presented a competitive performance with the incremental Dendritic Cell Algorithm (iDCA).

A Smart System of Malware Detection Based on Artificial Immune Network and Deep Belief Network

2019 ◽  
Author(s):  
Nguyen Vu Thanh ◽  
Dung Hoang Le ◽  
Tuan Dinh Le
Keyword(s):  
Detection Rate ◽  
False Positive Rate ◽  
Virus Detection ◽  
Deep Belief Network ◽  
Immune Network ◽  
Artificial Immune ◽  
High Detection Rate ◽  
Smart System ◽  
Belief Network ◽  
Artificial Immune Network

This paper proposes a smart system of virus detection that can classify a file as benign or malware with high accuracy detection rate. The approach is based on the aspects of the artificial immune system and the deep learning technique. The first stage is data extraction to create the main feature set. In the second stage, the Artificial Immune Network (aiNet) is used to build a clonal generation of malware detectors and improve the accuracy of unknown virus detection rate. Then they are trained with a deep belief network model to evaluate the performance of the system. As a result, our method can achieve a high detection rate of 98.86% on average with a very low false positive rate.

scholarly journals A Review of Feature Reduction in Intrusion Detection System Based on Artificial Immune System and Neural Network

2013 ◽  
Vol 9 (3) ◽  
pp. 1127-1133
Author(s):  
Uma Vishwakarma ◽  
Prof. Anurag Jain ◽  
Prof. Akriti Jain
Keyword(s):  
Neural Network ◽  
Immune System ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Artificial Immune System ◽  
Detection System ◽  
Reduction Process ◽  
Feature Reduction ◽  
Dynamic Feature ◽  
Artificial Immune

Feature reduction plays an important role in intrusion detection system. The large amount of feature in network as well as host data effect the performance of intrusion detection method. Various authors are research proposed a method of intrusion detection based on machine learning approach and neural network approach, but all of these methods lacks in large number of feature attribute in intrusion data. In this paper we discuss its various method of feature reduction using artificial immune system and neural network. Artificial immune system is biological inspired system work as mathematical model for feature reduction process. The neural network well knows optimization technique in other field. In this paper we used neural network as feature reduction process. The feature reduction process reduces feature of intrusion data those are not involved in security threats and attacks such as TCP protocol, UDP protocol and ICMP message protocol. This reduces feature-set of intrusion improve the classification rate of intrusion detection and improve the speed performance of the intrusion detection system. The current research going on fixed and static number of feature reduction, we proposed an automatic and dynamic feature reduction technique using PCNN network.

Architecture for an Artificial Immune System

2000 ◽  
Vol 8 (4) ◽  
pp. 443-473 ◽  
Author(s):  
Steven A. Hofmeyr ◽  
Stephanie Forrest
Keyword(s):  
Immune System ◽  
Computer Security ◽  
Artificial Immune System ◽  
Detection System ◽  
Classifier Systems ◽  
Artificial Immune ◽  
Dynamic Learning ◽  
Self Monitoring ◽  
Network Intrusion ◽  
Learning And Adaptation

An artificial immune system (ARTIS) is described which incorporates many properties of natural immune systems, including diversity, distributed computation, error tolerance, dynamic learning and adaptation, and self-monitoring. ARTIS is a general framework for a distributed adaptive system and could, in principle, be applied to many domains. In this paper, ARTIS is applied to computer security in the form of a network intrusion detection system called LISYS. LISYS is described and shown to be effective at detecting intrusions, while maintaining low false positive rates. Finally, similarities and differences between ARTIS and Holland's classifier systems are discussed.

Sign in / Sign up

Export Citation Format

Share Document