Integrating real-time analysis with the dendritic cell algorithm through segmentation

As an immune inspired algorithm, the Dendritic Cell Algorithm (DCA) has been applied to a range of problems, particularly in the area of intrusion detection. Ideally, the intrusion detection should be performed in real-time, in order to continuously detect misuses, as soon as they occur. Consequently, the analysis process performed by an intrusion detection system must operate in real-time or near-to real-time. The analysis process of the DCA is currently performed offline, therefore to improve the algorithm's performance we suggest the development of a real-time analysis component. The initial step of the development is to apply segmentation to the DCA. This involves segmenting the current output of the DCA into slices and performing the analysis in various ways. Two segmentation approaches are introduced and tested in this paper, namely antigen based segmentation (ABS) and time based segmentation (TBS). The results of the corresponding experiments suggest that applying segmentation produces different and significantly better results in some cases, when compared to the standard DCA without segmentation. Therefore, we conclude that the segmentation is applicable to the DCA for the purpose of real-time analysis.

[1]  Julie Greensmith,et al.  DCA for bot detection , 2008, 2008 IEEE Congress on Evolutionary Computation (IEEE World Congress on Computational Intelligence).

[2]  Graham Kendall,et al.  Frequency analysis for dendritic cell population tuning , 2008, Evol. Intell..

[3]  Gerold Schuler,et al.  Immature, semi-mature and fully mature dendritic cells: which signals induce tolerance or immunity? , 2002, Trends in immunology.

[4]  Hong Shen,et al.  Application of online-training SVMs for real-time intrusion detection with different considerations , 2005, Comput. Commun..

[5]  Christopher Krügel,et al.  Stateful intrusion detection for high-speed network's , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[6]  Julie Greensmith,et al.  Dendritic cells for SYN scan detection , 2007, GECCO '07.

[7]  Gu Ji-yan,et al.  The Dendritic Cell Algorithm , 2011 .

[8]  Jonathan Timmis,et al.  Artificial Immune Systems: A New Computational Intelligence Approach , 2003 .

[9]  Jonathan Timmis,et al.  Artificial immune systems - a new computational intelligence paradigm , 2002 .

[10]  Wolfram Burgard,et al.  The dynamic window approach to collision avoidance , 1997, IEEE Robotics Autom. Mag..

[11]  Julie Greensmith,et al.  The Application of a Dendritic Cell Algorithm to a Robotic Classifier , 2007, ICARIS.

[12]  Zhou Chaochen,et al.  Duration Calculus: A Formal Approach to Real-Time Systems , 2004 .

[13]  Julie Greensmith,et al.  The Deterministic Dendritic Cell Algorithm , 2008, ICARIS.

[14]  Julie Greensmith,et al.  The dendritic cell algorithm , 2007 .

[15]  Julie Greensmith,et al.  Further Exploration of the Dendritic Cell Algorithm: Antigen Multiplier and Time Windows , 2008, ICARIS.

[16]  Julie Greensmith,et al.  The DCA: SOMe comparison , 2008, Evol. Intell..

[17]  Michael R. Hansen,et al.  Duration Calculus: A Formal Approach to Real-Time Systems (Monographs in Theoretical Computer Science. an Eatcs Seris) , 2004 .

[18]  Claudia Eckert,et al.  A Comparative Study of Real-Valued Negative Selection to Statistical Anomaly Detection Techniques , 2005, ICARIS.

[19]  Rajeev Alur,et al.  A Theory of Timed Automata , 1994, Theor. Comput. Sci..

[20]  Henning Dierks,et al.  PLC-automata: a new class of implementable real-time automata , 1997, Theor. Comput. Sci..