Double Anomaly Detection Algorithm Based on Dendritic Cells

2014 ◽  
Vol 926-930 ◽  
pp. 3034-3037
Author(s):  
Lian Cheng Xu ◽  
Di Xu ◽  
Guang Gang Zhou ◽  
Xiu Yan Hou
Keyword(s):  
Dendritic Cells ◽  
Dendritic Cell ◽  
Anomaly Detection ◽  
High Efficiency ◽  
Data Preprocessing ◽  
Original Data ◽  
Detection Algorithm ◽  
Preprocessing Method ◽  
Dendritic Cell Algorithm ◽  
Anomaly Index

On the problem of data quantity in anomaly detection, traditional dendritic cell algorithms should be improved by proposing an antigen data preprocessing method which introduced suspected abnormal base. The abnormal data should be judged with high efficiency in the shortest time possible by double anomaly detection. First of all, set of the original data should be preprocessed into individual antigen, and was matched with the suspected abnormal base to conduct the first anomaly detection. Then a double anomaly detection should be conducted by dendritic cell algorithm and the intensity of anomaly be judged according to the dynamic anomaly index. Experiments show that this algorithm produces better effect on both time and accuracy.

scholarly journals Multiresolution dendritic cell algorithm for network anomaly detection

2021 ◽  
Vol 7 ◽  
pp. e749
Author(s):  
David Limon-Cantu ◽  
Vicente Alarcon-Aquino
Keyword(s):  
Information Systems ◽  
Dendritic Cell ◽  
Anomaly Detection ◽  
State Of The Art ◽  
Denial Of Service ◽  
Series Data ◽  
Time Frequency ◽  
Computer Services ◽  
Dendritic Cell Algorithm ◽  
Network Anomaly Detection

Anomaly detection in computer networks is a complex task that requires the distinction of normality and anomaly. Network attack detection in information systems is a constant challenge in computer security research, as information systems provide essential services for enterprises and individuals. The consequences of these attacks could be the access, disclosure, or modification of information, as well as denial of computer services and resources. Intrusion Detection Systems (IDS) are developed as solutions to detect anomalous behavior, such as denial of service, and backdoors. The proposed model was inspired by the behavior of dendritic cells and their interactions with the human immune system, known as Dendritic Cell Algorithm (DCA), and combines the use of Multiresolution Analysis (MRA) Maximal Overlap Discrete Wavelet Transform (MODWT), as well as the segmented deterministic DCA approach (S-dDCA). The proposed approach is a binary classifier that aims to analyze a time-frequency representation of time-series data obtained from high-level network features, in order to classify data as normal or anomalous. The MODWT was used to extract the approximations of two input signal categories at different levels of decomposition, and are used as processing elements for the multi resolution DCA. The model was evaluated using the NSL-KDD, UNSW-NB15, CIC-IDS2017 and CSE-CIC-IDS2018 datasets, containing contemporary network traffic and attacks. The proposed MRA S-dDCA model achieved an accuracy of 97.37%, 99.97%, 99.56%, and 99.75% for the tested datasets, respectively. Comparisons with the DCA and state-of-the-art approaches for network anomaly detection are presented. The proposed approach was able to surpass state-of-the-art approaches with UNSW-NB15 and CSECIC-IDS2018 datasets, whereas the results obtained with the NSL-KDD and CIC-IDS2017 datasets are competitive with machine learning approaches.

DC-SIGN (dendritic cell-specific ICAM-grabbing non-integrin) and DC-SIGN-related (DC-SIGNR): friend or foe?

2003 ◽  
Vol 104 (4) ◽  
pp. 437-446 ◽  
Author(s):  
Elizabeth J. SOILLEUX
Keyword(s):  
Endothelial Cells ◽  
Dendritic Cells ◽  
Dendritic Cell ◽  
T Lymphocytes ◽  
High Efficiency ◽  
Immunoglobulin E ◽  
Expression Patterns ◽  
Intercellular Adhesion Molecule ◽  
Carbohydrate Binding ◽  
Wide Range

C-type lectins are calcium-dependent carbohydrate-binding proteins with a wide range of biological functions, many of which are related to immunity. DC-SIGN (dendritic cell-specific ICAM-grabbing non-integrin, where ICAM is intercellular adhesion molecule) is a recently described mannose-specific C-type lectin expressed by dendritic cells. Dendritic cells are potent antigen-presenting cells capable of activating T-lymphocytes. DC-SIGN, which is expressed by dendritic cells, binds to ICAM-3 on T-lymphocytes, therefore playing an important role in the activation of T-lymphocytes. DC-SIGN can also bind HIV, and the virus may remain bound to DC-SIGN for protracted periods. DC-SIGN may deliver bound HIV to permissive cell types, mediating infection with high efficiency. A closely related C-type lectin, DC-SIGN-related molecule (DC-SIGNR) has also been described. DC-SIGNR is expressed by restricted subsets of endothelial cells, but has similar ICAM-3 and HIV-binding properties to DC-SIGN. This review describes the mapping of DC-SIGN and DC-SIGNR to chromosome 19p13.3 adjacent to the previously described C-type lectin, CD23 [the low-affinity receptor for immunoglobulin E (FcERII)]. The similar genomic organization of these three genes is discussed and consideration is given to the evolutionary duplications that may underlie this arrangement. Both DC-SIGN and DC-SIGNR possess a neck region, made up of multiple repeats, which supports the ligand-binding domain. Consideration is given to the biological reasons underlying the considerable polymorphism in the numbers of repeats in DC-SIGNR, but not DC-SIGN. The expression patterns of both DC-SIGN and DC-SIGNR are discussed in detail, with particular attention to the expression of both molecules in the placenta, which may have implications for the vertical transmission of HIV. Since dendritic cells may be important in determining the phenotype of many immune responses, via effects on T-lymphocytes, the differential expression of DC-SIGN by particular dendritic cell subsets may have important implications for the immunobiological functions of DC-SIGN. Similarly, the expression of DC-SIGNR by very restricted subsets of endothelial cells may give clues to the function of DC-SIGNR. Finally, the role of DC-SIGN in pathology, particularly in infective and neoplastic processes, is discussed, followed by speculation about likely future developments in this field.

scholarly journals Information fusion for anomaly detection with the dendritic cell algorithm

2010 ◽  
Vol 11 (1) ◽  
pp. 21-34 ◽  
Author(s):  
Julie Greensmith ◽  
Uwe Aickelin ◽  
Gianni Tedesco
Keyword(s):  
Dendritic Cell ◽  
Anomaly Detection ◽  
Information Fusion ◽  
Dendritic Cell Algorithm

scholarly journals Towards Bio-Inspired Anomaly Detection Using the Cursory Dendritic Cell Algorithm

Algorithms ◽  
2021 ◽  
Vol 15 (1) ◽  
pp. 1
Author(s):  
Carlos Pinto ◽  
Rui Pinto ◽  
Gil Gonçalves
Keyword(s):  
Dendritic Cell ◽  
Anomaly Detection ◽  
Production Systems ◽  
Detection System ◽  
Artificial Immune Systems ◽  
Object Oriented ◽  
Research Area ◽  
Detection Problem ◽  
Network Intrusion ◽  
Dendritic Cell Algorithm

The autonomous and adaptable identification of anomalies in industrial contexts, particularly in the physical processes of Cyber-Physical Production Systems (CPPS), requires using critical technologies to identify failures correctly. Most of the existing solutions in the anomaly detection research area do not consider such systems’ dynamics. Due to the complexity and multidimensionality of CPPS, a scalable, adaptable, and rapid anomaly detection system is needed, considering the new design specifications of Industry 4.0 solutions. Immune-based models, such as the Dendritic Cell Algorithm (DCA), may provide a rich source of inspiration for detecting anomalies, since the anomaly detection problem in CPPS greatly resembles the functionality of the biological dendritic cells in defending the human body from hazardous pathogens. This paper tackles DCA limitations that may compromise its usage in anomaly detection applications, such as the manual characterization of safe and danger signals, data analysis not suitable for online classification, and the lack of an object-oriented implementation of the algorithm. The proposed approach, the Cursory Dendritic Cell Algorithm (CDCA), is a novel variation of the DCA, developed to be flexible and monitor physical industrial processes continually while detecting anomalies in an online fashion. This work’s contribution is threefold. First, it provides a comprehensive review of Artificial Immune Systems (AIS), focusing on AIS applied to the anomaly detection problem. Then, a new object-oriented architecture for the DCA implementation is described, enabling the modularity and abstraction of the algorithm stages into different classes (modules). Finally, the CDCA for the anomaly detection problem is proposed. The CDCA was successfully validated in two industrial-oriented dataset benchmarks for physical anomaly and network intrusion detection, the Skoltech Anomaly Benchmark (SKAB) and M2M using OPC UA. When compared to other algorithms, the proposed approach exhibits promising classification results. It was placed fourth on the SKAB scoreboard and presented a competitive performance with the incremental Dendritic Cell Algorithm (iDCA).

scholarly journals A New Intrusion Detection System Using the Improved Dendritic Cell Algorithm

2020 ◽  
Author(s):  
Ehsan Farzadnia ◽  
Hossein Shirazi ◽  
Alireza Nowroozi
Keyword(s):  
Dendritic Cells ◽  
Dendritic Cell ◽  
Intrusion Detection ◽  
Detection System ◽  
Binary Classification ◽  
Data Sampling ◽  
Classification Problems ◽  
Peripheral Tissues ◽  
Network Intrusion ◽  
Dendritic Cell Algorithm

Abstract The dendritic cell algorithm (DCA) as one of the emerging evolutionary algorithms is based on the behavior of the specific immune agents, known as dendritic cells (DCs). DCA has several potentially beneficial features for binary classification problems. In this paper, we aim at providing a new version of this immune-inspired mechanism acts as a semi-supervised classifier, which can be a defensive shield in network intrusion detection problem. Till now, no strategy or idea has been adopted on the $Get_{Antigen()}$ function on the detection phase, but random sampling entails the DCA to provide undesirable results in several cycles at each time. This leads to uncertainty. Whereas it must be accomplished by biological behaviors of DCs in peripheral tissues, we have proposed a novel strategy that exactly acts based on its immunological functionalities of dendritic cells. The proposed mechanism focuses on two items: first, to obviate the challenge of needing to have a preordered antigen set for computing danger signal, and the second, to provide a novel immune-inspired idea for nonrandom data sampling. A variable functional migration threshold is also computed cycle by cycle that shows the necessity of the migration threshold flexibility. A significant criterion so-called capability of intrusion detection (CID) is used for tests. All the tests have been performed in a new benchmark dataset named UNSW-NB15. Experimental consequences demonstrate that the present schema as the best version among improved DC algorithms achieves 76.69% CID by 90% accuracy and outperforms its counterpart methods.

Introducing Adjuvants for Dendritic Cell Algorithm to Detect Stealthy Malware

2012 ◽  
Vol 195-196 ◽  
pp. 509-514 ◽  
Author(s):  
Jun Fu ◽  
Yi Wen Liang ◽  
Cheng Yu Tan ◽  
Huan Yang
Keyword(s):  
Dendritic Cells ◽  
Dendritic Cell ◽  
Immune Responses ◽  
Detection Rate ◽  
Malware Detection ◽  
Dendritic Cell Algorithm

The increase in stealth of malware has brought the Dendritic Cell Algorithm (DCA) many difficulties in malware detection. To solve this problem, in this paper we take inspiration from immunological adjuvant which can enhance the immune responses to weak antigens, and propose its counterpart namely artificial adjuvant as an improvement for the DCA. Artificial adjuvants are capable of increasing the immunogenicity of stealthy malware and accelerating the reaction of the dendritic cells (DCs). In such a way, they shed some lights for the DCA on improving the performance of stealthy malware detection in respect of not only improving the detection rate, but also helping detecting hidden malware as soon as possible.

From the General to the Specific: Inducing a Novel Dendritic Cell Algorithm from a Detailed State-of-the-Art Review

2016 ◽  
Vol 30 (03) ◽  
pp. 1659009 ◽  
Author(s):  
Zeineb Chelly ◽  
Zied Elouedi
Keyword(s):  
Dendritic Cells ◽  
Dendritic Cell ◽  
Evolutionary Algorithms ◽  
Classification Accuracy ◽  
State Of The Art ◽  
Binary Classification ◽  
Classification Problems ◽  
General Review ◽  
Dendritic Cell Algorithm ◽  
Basic Features

Considered as one of the emerging evolutionary algorithms, the Dendritic Cell Algorithm (DCA) is based on the behavior of specific immune agents; known as Dendritic Cells (DCs). Studies related with DCA are increasingly becoming popular and this is due to the worthy characteristics expressed by the algorithm as it exhibits several potentially beneficial features for binary classification problems. Yet, according to our best knowledge, there is no study summarizing the basic features of the DCA developed versions all in one paper. Hence, in this paper we aim at summarizing the powerful characteristics of the DCA while making a general review of the algorithm. We aim at studying the various versions of DCA while highlighting their characteristics, advantages and limitations. Based on this study and from the conducted conclusions, we intend to generate a well-studied novel DC classifier based on the positive aspects reflected by the previously proposed DCA versions. Results show that our proposed algorithm succeeds in obtaining significantly improved classification accuracy.

Sign in / Sign up

Export Citation Format

Share Document