Detecting Denial of Service Attacks Using a Combination of Dendritic Cell Algorithm and the Negative Selection Algorithm

As one of the most common and aggressive means, denial-of-service (DoS) attacks cause serious impact on computing systems and networks. This paper presents a system for detecting denial of service (DoS) attacks in a network using a combination of the dendritic cell algorithm (DCA) and the negative selection algorithm (NSA). The proposed system classifies incoming network traffic into either of two classes: "normal" or "DoS attack." Experimentally, our approach follows a majority voting technique by creating multiple instances of the DCA and the NSA algorithm and assigning weights to their respective output. The effectiveness of our proposed detection system is evaluated using an in-house generated signal dataset. Our results show that our system is very effective in detecting DoS/DDoS attacks with very high accuracy. Analysis of the proposed DoS detection system is also presented.

[1]  Stephanie Forrest,et al.  Principles of a computer immune system , 1998, NSPW '97.

[2]  Zhou Ji,et al.  Real-Valued Negative Selection Algorithm with Variable-Sized Detectors , 2004, GECCO.

[3]  Julie Greensmith,et al.  The Deterministic Dendritic Cell Algorithm , 2008, ICARIS.

[4]  Reda Alhajj,et al.  Early DDoS Detection Based on Data Mining Techniques , 2014, WISTP.

[5]  Geert Deconinck,et al.  Tackling Application-layer DDoS Attacks , 2012, ANT/MobiWIS.

[6]  Uwe Aickelin,et al.  The Danger Theory and Its Application to Artificial Immune Systems , 2008, ArXiv.

[7]  Julie Greensmith,et al.  DCA for bot detection , 2008, 2008 IEEE Congress on Evolutionary Computation (IEEE World Congress on Computational Intelligence).

[8]  Eric Bauer,et al.  An Empirical Comparison of Voting Classification Algorithms: Bagging, Boosting, and Variants , 1999, Machine Learning.

[9]  Dawei Wang,et al.  Exploiting Artificial Immune systems to detect unknown DoS attacks in real-time , 2012, 2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems.

[10]  Wanlei Zhou,et al.  Distributed Denial of Service (DDoS) detection by traffic pattern analysis , 2014, Peer-to-Peer Netw. Appl..

[11]  Stephanie Forrest,et al.  Architecture for an Artificial Immune System , 2000, Evolutionary Computation.

[12]  Julie Greensmith,et al.  Greensmith, Julie and Aickelin, Uwe and Cayzer, Steve (2005) 'Introducing Dendritic Cells as a Novel Immune- Inspired Algorithm for Anomaly Detection'. In: ICARIS- , 2017 .

[13]  Muhammad Zubair Shafiq,et al.  Defence Against 802.11 DoS Attacks Using Artificial Immune System , 2007, ICARIS.

[14]  Hossein Pedram,et al.  A DDoS-Aware IDS Model Based on Danger Theory and Mobile Agents , 2009, 2009 International Conference on Computational Intelligence and Security.

[15]  Xiangjian He,et al.  A System for Denial-of-Service Attack Detection Based on Multivariate Correlation Analysis , 2014, IEEE Transactions on Parallel and Distributed Systems.

[16]  Mohamed M. K. Elhaj,et al.  A multi-layer network defense system using artificial immune system , 2013, 2013 INTERNATIONAL CONFERENCE ON COMPUTING, ELECTRICAL AND ELECTRONIC ENGINEERING (ICCEEE).

[17]  Yoshua Bengio,et al.  Random Search for Hyper-Parameter Optimization , 2012, J. Mach. Learn. Res..

[18]  Tarek N. Saadawi,et al.  Distributed Network Intrusion Detection Systems: An Artificial Immune System Approach , 2016, 2016 IEEE First International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE).

[19]  Julie Greensmith,et al.  The Dendritic Cell Algorithm for Intrusion Detection , 2013, Biologically Inspired Networking and Sensing.

[20]  Ajith Abraham,et al.  Modeling intrusion detection system using hybrid intelligent systems , 2007, J. Netw. Comput. Appl..

[21]  Sergio Takeo Kofuji,et al.  Viterbi algorithm for detecting DDoS attacks , 2015, 2015 IEEE 40th Conference on Local Computer Networks (LCN).