Abstract

The Dendritic Cell Algorithm (DCA) is inspired by the function of the dendritic cells of the human immune system. In nature, dendritic cells are the intrusion detection agents of the human body, policing the tissue and organs for potential invaders in the form of pathogens. In this research, an abstract model of DC behaviour is developed and subsequently used to form an algorithm, the DCA. The abstraction process was facilitated through close collaboration with laboratory-based immunologists, who performed bespoke experiments, the results of which are used as an integral part of this algorithm. The DCA is a population-based algorithm, with each agent in the system represented as an ‘artificial DC’. Each DC has the ability to combine multiple data streams and can add context to data suspected as anomalous. In this chapter the abstraction process and details of the resultant algorithm are given. The algorithm is applied to numerous intrusion detection problems in computer security, including the detection of port scans and botnets, where it has produced impressive results with relatively low rates of false positives.

Highlights

  • The Dendritic Cell Algorithm (DCA) is a biologically-inspired technique, developed for the purpose of detecting intruders in computer networks

  • The DCA is based on a metaphor of naturally occurring dendritic cells (DCs), a type of cell which is native to the innate arm of the immune system

  • The DCA has been developed as part of an interdisciplinary project, known as the ‘Danger Project’ [Aickelin et al, 2003], which comprised a team of researchers including practical immunologists, computer scientists and computer security specialists


Summary

Introduction

The Dendritic Cell Algorithm (DCA) is a biologically-inspired technique, developed for the purpose of detecting intruders in computer networks. This algorithm belongs to a class of biologically inspired algorithms known as Artificial Immune Systems [de Castro and Timmis, 2002]. The assessment of the signal output of the entire DC population is used to perform correlation with ‘suspect’ data items. In this chapter the history of the development of the DCA is presented, including a brief overview of the abstract biology used to underpin the algorithm. This is followed by a detailed description of a generic DC-based algorithm, including pseudocode and worked example calculations. This chapter concludes with a discussion of the applications of the algorithm to date, and application areas to which the algorithm could be applied are suggested.

Biological Inspiration
Detecting Danger
Introducing Dendritic Cells
The Approach
Abstract DC biology
Signals and Antigen Overview
Danger signals
Safe signals
Inflammation
Output signals
Signal Summary
1.3.10 Accounting for Potency
1.3.11 Abstract Antigen
1.3.12 Assumptions and Simplifications
Algorithm Overview
An Individual DC
Generic DC Algorithm Summary
Applications
Conclusions