A Revised Dendritic Cell Algorithm Using K-Means Clustering

The most daunting and challenging task in intrusion detection is to distinguishing between normal and malicious traffics effectively. In order to complete such a task, the biological danger theory has appeared to be one of the most appealing immunological models which has been converted to a computer science algorithm, named as Dendritic Cell Algorithm (DCA). To perform a binary classification, the DCA goes through four phases, preprocessing, detection, context assessment and classification. In particular, the context assessment phase is performed by comparing the signal concentration values between mature (i.e., abnormality) and semi-mature (i.e., normality) contexts. The conventional DCA requires a crisp separation between semi-mature and mature cumulative context values. This can be hard if the difference between the two contexts is marginal, which negatively affects the classification accuracy. In addition, it is technically difficult to quantify the actual meaning of semi-mature and mature in the DCA. This paper proposes an approach that integrates the K-Means clustering algorithm to the DCA to map the DCA cumulative semi-mature and mature context values into semi-mature (normal) and mature (anomaly) clusters in order to improve the classification accuracy. The KDD99 data set was utilized in this work for system validation and evaluation, and the experimental results revealed an improvement in the classification accuracy by the proposed approach.

[1]  Julie Greensmith,et al.  DCA for bot detection , 2008, 2008 IEEE Congress on Evolutionary Computation (IEEE World Congress on Computational Intelligence).

[2]  Zied Elouedi,et al.  A survey of the dendritic cell algorithm , 2015, Knowledge and Information Systems.

[3]  John H. Holland,et al.  Adaptation in Natural and Artificial Systems: An Introductory Analysis with Applications to Biology, Control, and Artificial Intelligence , 1992 .

[4]  Nitin Naik,et al.  Dendritic Cell Algorithm with Optimised Parameters Using Genetic Algorithm , 2018, 2018 IEEE Congress on Evolutionary Computation (CEC).

[5]  Tarek N. Saadawi,et al.  Denial of service attack detection using dendritic cell algorithm , 2017, 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON).

[6]  Tarek N. Saadawi,et al.  Deterministic Dendritic Cell Algorithm Application to Smart Grid Cyber-Attack Detection , 2017, 2017 IEEE 4th International Conference on Cyber Security and Cloud Computing (CSCloud).

[7]  John R. Anderson,et al.  MACHINE LEARNING An Artificial Intelligence Approach , 2009 .

[8]  Yizong Cheng,et al.  Mean Shift, Mode Seeking, and Clustering , 1995, IEEE Trans. Pattern Anal. Mach. Intell..

[9]  Zied Elouedi,et al.  Hybridization Schemes of the Fuzzy Dendritic Cell Immune Binary Classifier based on Different Fuzzy Clustering Techniques , 2015, New Generation Computing.

[10]  Zied Elouedi,et al.  A Fuzzy-Rough Data Pre-processing Approach for the Dendritic Cell Classifier , 2013, ECSQARU.

[11]  Zied Elouedi,et al.  FDCM: A Fuzzy Dendritic Cell Method , 2010, ICARIS.

[12]  T. Moon The expectation-maximization algorithm , 1996, IEEE Signal Process. Mag..

[13]  Malcolm I. Heywood,et al.  Selecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 99 , 2005, PST.

[14]  Julie Greensmith,et al.  Greensmith, Julie and Aickelin, Uwe and Cayzer, Steve (2005) 'Introducing Dendritic Cells as a Novel Immune- Inspired Algorithm for Anomaly Detection'. In: ICARIS- , 2017 .

[15]  F M BURNET,et al.  Immunological recognition of self. , 1961, Science.

[16]  P. Matzinger The Danger Model: A Renewed Sense of Self , 2002, Science.

[17]  Longzhi Yang,et al.  Privacy and Security Aspects of E-Government in Smart Cities , 2019, Smart Cities Cybersecurity and Privacy.

[18]  ChengYizong Mean Shift, Mode Seeking, and Clustering , 1995 .

[19]  L.-F. Pau Business and social evaluation of denial of service attacks of communications networks in view of scaling economic counter-measures , 2010, 2010 IEEE/IFIP Network Operations and Management Symposium Workshops.

[20]  Uwe Aickelin,et al.  Danger Theory: The Link between AIS and IDS? , 2003, ICARIS.

[21]  R. Steinman,et al.  Dendritic cells and the control of immunity , 1998, Nature.

[22]  Shruti Kapil,et al.  Performance evaluation of K-means clustering algorithm with various distance metrics , 2016, 2016 IEEE 1st International Conference on Power Electronics, Intelligent Control and Energy Systems (ICPEICES).

[23]  Julie Greensmith,et al.  Further Exploration of the Dendritic Cell Algorithm: Antigen Multiplier and Time Windows , 2008, ICARIS.

[24]  Thomas Stibor,et al.  On the appropriateness of negative selection for anomaly detection and network intrusion detection , 2006 .

[25]  Ian H. Witten,et al.  The WEKA data mining software: an update , 2009, SKDD.

[26]  Fei Chao,et al.  Generalized Adaptive Fuzzy Rule Interpolation , 2017, IEEE Transactions on Fuzzy Systems.

[27]  Qiang Shen,et al.  Closed form fuzzy interpolation , 2013, Fuzzy Sets Syst..

[28]  Jie Li,et al.  Grooming Detection using Fuzzy-Rough Feature Selection and Text Classification , 2018, 2018 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE).

[29]  Jie Li,et al.  Dendritic Cell Algorithm with Fuzzy Inference System for Input Signal Generation , 2018, UKCI.