Dendritic Cell Algorithm Research Articles

Dendritic Cell Algorithm for Mobile Phone Spam Filtering

With the revolution of mobile devices and their applications, significant improvements have been witnessed over years to support new features in addition to normal phone communication including web browsing, social networking and entertainment, mobile payment, medical and personal records, e-learning, and rich connectivity to multiple networks. As mobile devices continue to evolve, the volume of hacking activities targeting them also increases drastically. Receiving short message spam is one of the common vectors for security breaches. Besides wasting resources and being annoying to end-users, it can be used for phishing attacks and as a vehicle for other malware types such as worms, backdoors, and key loggers. The next generation of mobile technologies has more emphasis on security-related issues to protect confidentiality, integrity and availability. This paper explores a number of content-based feature sets to enhance the mobile phone text messaging services in filtering unwanted messages (a.k.a. spam). Moreover, it develops a more effective spam filtering model using a combination of most relevant features and by fusing decisions of two machine learning algorithms with the Dendritic Cell Algorithm (DCA). The performance has been evaluated empirically on two SMS spam datasets. The results showed that significant improvements can be achieved in the overall accuracy, recall and precision of spam and legitimate messages due to the application of the proposed DCA-based model.

Immunological Approach for Intrusion Detection

One of the central challenges with computer security is determining the difference between normal and potentially harmful behavior. For decades, developers have protected their systems using classical methods. However, the growth and complexity of computer systems or networks to protect require the development of automated and adaptive defensive tools. Promising solutions are emerging with biological inspired computing, and in particular, the immunological approach. In this paper, we propose two artificial immune systems for intrusion detection using the KDD Cup'99 database. The first one is based on the danger theory using the dendritic cells algorithm and the second is based on negative selection. The obtained results are promising

Outbreak detection model based on danger theory

In outbreak detection, one of the key issues is the need to deal with the weakness of early outbreak signals because this causes the detection model to have has less capability in terms of robustness when unseen outbreak patterns vary from those in the trained model. As a result, an imbalance between high detection rate and low false alarm rate occurs. To solve this problem, this study proposes a novel outbreak detection model based on danger theory; a bio-inspired method that replicates how the human body fights pathogens. We propose a signal formalization approach based on cumulative sum and a cumulative mature antigen contact value to suit the outbreak characteristic and danger theory. Two outbreak diseases, dengue and SARS, are subjected to a danger theory algorithm; namely the dendritic cell algorithm. To evaluate the model, four measurement metrics are applied: detection rate, specificity, false alarm rate, and accuracy. From the experiment, the proposed model outperforms the other detection approaches and shows a significant improvement for both diseases outbreak detection. The findings reveal that the robustness of the proposed immune model increases when dealing with inconsistent outbreak signals. The model is able to detect new unknown outbreak patterns and can discriminate between outbreak and non-outbreak cases with a consistent high detection rate, high sensitivity, and lower false alarm rate even without a training phase.

Double Anomaly Detection Algorithm Based on Dendritic Cells

On the problem of data quantity in anomaly detection, traditional dendritic cell algorithms should be improved by proposing an antigen data preprocessing method which introduced suspected abnormal base. The abnormal data should be judged with high efficiency in the shortest time possible by double anomaly detection. First of all, set of the original data should be preprocessed into individual antigen, and was matched with the suspected abnormal base to conduct the first anomaly detection. Then a double anomaly detection should be conducted by dendritic cell algorithm and the intensity of anomaly be judged according to the dynamic anomaly index. Experiments show that this algorithm produces better effect on both time and accuracy.

Method of Locating Anomaly Source in Software System Based on Dendritic Cell Algorithm

The method of anomaly detection in traditional software system cannot locate anomaly or find the lack of abnormal source accurately and timely. With regard to this deficiency, this paper presents an improved algorithm based on biological immune dendritic cell algorithm. This method aims to modify PAMP signal to achieve the purpose of locating anomaly source. It proves not only applicable to the real-time detection, but also to locate the anomaly source and processing, which further improves the accuracy of anomaly detection.

Enhancing Keylogger Detection Performance of the Dendritic Cell Algorithm by an Enticement Strategy

Evasive software keyloggers hide their malicious behaviors to defeat run-time detection. In this paper, based on the analysis of the evasion mechanisms used by common software keyloggers, we established a framework for their detection. Using an enticement strategy, the framework we built could induce keyloggers exhibited more obvious malicious activities by mimicking user keystrokes. These 'amplified' activities are then correlated by the dendritic cell algorithm (an immune-inspired algorithm) to final determine the existence of a keylogger in a host. Preliminary experimental results showed that the framework could improve the performance of keylogger detection and hard to evade. Index Terms—keylogger, keystroke simulation, dendritic cell algorithm (DCA), correlation

Dendritic Cell Algorithm and Dempster Belief Theory Based Approach for Intrusion Detection System

Everyone knows the services of the Internet. Internet services contain large scale of data. Security is one of the important issues during transmission of data over the network. To avoid misuse of data an efficient Network Intrusion Detection Systems (NIDS) is needed. To predict intrusion over the network a combined features of Dendritic Cell Algorithm (DCA) and Dempster Belief Theory (DBT) has been used called hybrid model of DCA and DBT. This algorithmic approach comes under the Artificial Immune Detection System. The presented system is about to analyze the network statistics under different parameters and identify the False Negative Rate and the Uncertainty Parameters. Based on these parameters analysis, the intrusion will be identified. The work is about to decrease the False Positive and False Negative rates so that the more effective intrusion detection will be performed.

Theoretical formulation and analysis of the deterministic dendritic cell algorithm

As one of the emerging algorithms in the field of artificial immune systems (AIS), the dendritic cell algorithm (DCA) has been successfully applied to a number of challenging real-world problems. However, one criticism is the lack of a formal definition, which could result in ambiguity for understanding the algorithm. Moreover, previous investigations have mainly focused on its empirical aspects. Therefore, it is necessary to provide a formal definition of the algorithm, as well as to perform runtime analyses to reveal its theoretical aspects. In this paper, we define the deterministic version of the DCA, named the dDCA, using set theory and mathematical functions. Runtime analyses of the standard algorithm and the one with additional segmentation are performed. Our analysis suggests that the standard dDCA has a runtime complexity of O(n2) for the worst-case scenario, where n is the number of input data instances. The introduction of segmentation changes the algorithm's worst case runtime complexity to O(max(nN,nz)), for DC population size N with size of each segment z. Finally, two runtime variables of the algorithm are formulated based on the input data, to understand its runtime behaviour as guidelines for further development.

Survey of DCA for Abnormal Detection

As a latest immune algorithm, dendritic cell algorithm (DCA) has been successfully applied into the abnormal detection. First, this paper reviewed the research progress of DCA from the following aspects: signal extraction technology, DCA signal processing technology, the decision method for load anomaly judgment, and the application research of DCA. Next, the corresponding solving thoughts for the main problems existing in the DCA were proposed in this paper. Finally, the future research trends of DCA were presented in this paper.

Theoretical Formulation and Analysis of the Deterministic Dendritic Cell Algorithm

As one of the emerging algorithms in the field of artificial immune systems (AIS), the dendritic cell algorithm (DCA) has been successfully applied to a number of challenging real-world problems. However, one criticism is the lack of a formal definition, which could result in ambiguity for understanding the algorithm. Moreover, previous investigations have mainly focused on its empirical aspects. Therefore, it is necessary to provide a formal definition of the algorithm, as well as to perform runtime analyses to reveal its theoretical aspects. In this paper, we define the deterministic version of the DCA, named the dDCA, using set theory and mathematical functions. Runtime analyses of the standard algorithm and the one with additional segmentation are performed. Our analysis suggests that the standard dDCA has a runtime complexity of O(n2) for the worst-case scenario, where n is the number of input data instances. The introduction of segmentation changes the algorithm's worst case runtime complexity to O(max(n N,nz)), for DC population size N with size of each segment z. Finally, two runtime variables of the algorithm are formulated based on the input data, to understand its runtime behaviour as guidelines for further development.

Introducing Adjuvants for Dendritic Cell Algorithm to Detect Stealthy Malware

The increase in stealth of malware has brought the Dendritic Cell Algorithm (DCA) many difficulties in malware detection. To solve this problem, in this paper we take inspiration from immunological adjuvant which can enhance the immune responses to weak antigens, and propose its counterpart namely artificial adjuvant as an improvement for the DCA. Artificial adjuvants are capable of increasing the immunogenicity of stealthy malware and accelerating the reaction of the dendritic cells (DCs). In such a way, they shed some lights for the DCA on improving the performance of stealthy malware detection in respect of not only improving the detection rate, but also helping detecting hidden malware as soon as possible.

Intrusion Detection System for Wireless Sensor Networks Using Danger Theory Immune-Inspired Techniques

An IDS framework inspired in the Human Immune System to be applied in the wireless sensor network context is proposed. It uses an improved decentralized and customized version of the Dendritic Cell Algorithm, which allows nodes to monitor their neighborhood and collaborate to identify an intruder. The work was implemented and tested both in simulation and in real sensor platform scenarios, comparing them to each other and was also compared to a Negative Selection Theory implementation in order to demonstrate its efficiency in detecting a denial-of-sleep attack and in energy consumption. Results demonstrated the success of the proposal.

Intrusion Detection Technique based on Dendritic Cell Algorithm and Dempster Belief Theory

Today traditional intrusion detection systems are unable to detect intrusion attacks. Huge number of false alarm generated by the system results in financial loss of an organization. The unique features of artificial immune system encourage and motivate the researchers to employ this technique in variety of applications and especially in intrusion detection systems. Recently Artificial immune system (AIS) has been applied for anomaly based intrusion detection in computer networks. Artificial immune system is a new technique which is applied for solving various problems in the field of information security. In this paper we presents a intrusion detection system based on one of the algorithm of artificial immune system called the Dendritic Cell Algorithm (DCA) and Dempster–Belief Theory (DBT) in order to minimise the rate of the generation of intrusion detection system , false positive rate and improve correlation factor in the designed intrusion detection system. With the help of Dempster–Belief theory we calculate the degree of uncertainty and with the help of event gathering calculate the entropy, which help us to determine the intrusion in the given system. Data having higher entropy is regarded as the “intruder” and generate the alarm. Thus with the help of this dual detection technique we can not only minimize the false positive and false negative rate but also improved the correlation technique and decrease the intrusion rate in the system. KeywordsArtificial Immune System, intrusion detection system, human immune system, danger theory, negative selection algorithm, DCA, Dempster–Belief theory.

Detecting Faults in IP-PBX with Deterministic Dendritic Cell Algorithm

Detecting Faults in IP-PBX with Deterministic Dendritic Cell Algorithm

Multiagent-based computer virus detection systems: abstraction from dendritic cell algorithm with danger theory

Biologically-inspired artificial immune systems (AIS) have been applied to computer virus detection systems (CVDS). A multiagent-based CVDS (ABCVDS) inspired by the danger theory of human immune system is proposed. The intelligence behind ABCVDS is based on the functionalities of dendritic cells in human immune systems. Multiple agents are embedded to this virus detection system, where agents coordinate one another to calculate mature context antigen value (MCAV). Accordingly, computer hosts undergone with malicious intrusions can be effectively detected via input signals and temporary output signals.

A novel hybrid artificial immune inspired approach for online break-in fraud detection

Abstract This paper proposes a new hybrid model for online fraud detection of the Video-on-Demand System, which is aimed to improve the current Risk Management Pipeline (RMP) by adding Artificial Immune System (AIS) based fraud detection for logging data. The AIS based model combines two artificial immune system algorithms with behavior based intrusion detection using Classification and Regression trees (CART). Immune inspired algorithms include the improved version of negative selection called Conserved Self Pattern Recognition Algorithm (CSPRA) and a recently established algorithm inspired by Danger Theory (DT) called Dendritic Cells Algorithm (DCA). The hybrid method based on stacking-bagging demonstrates higher detection rate lower false alarm, and handles high dimensional data set better when compared to the results achieved using only CSPRA, DCA, and CART.

Information Fusion for Anomaly Detection with the Dendritic Cell Algorithm

Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they perform information fusion which directs immune responses. We have derived a Dendritic Cell Algorithm based on the functionality of these cells, by modelling the biological signals and differentiation pathways to build a control mechanism for an artificial immune system. We present algorithmic details in addition to experimental results, when the algorithm was applied to anomaly detection for the detection of port scans. The results show the Dendritic Cell Algorithm is successful at detecting port scans.

Information fusion for anomaly detection with the dendritic cell algorithm

Dendritic cells are antigen presenting cells that provide a vital link between the innate and adaptive immune system, providing the initial detection of pathogenic invaders. Research into this family of cells has revealed that they perform information fusion which directs immune responses. We have derived a dendritic cell algorithm based on the functionality of these cells, by modelling the biological signals and differentiation pathways to build a control mechanism for an artificial immune system. We present algorithmic details in addition to experimental results, when the algorithm was applied to anomaly detection for the detection of port scans. The results show the dendritic cell algorithm is successful at detecting port scans.

Exploration of the Dendritic Cell Algorithm with the Duration Calculus

As one of the newest members in Artificial Immune Systems (AIS), the Dendritic Cell Algorithm (DCA) has been applied to a range of problems. These applications mainly belong to the field of anomaly detection. However, real-time detection, a new challenge to anomaly detection, requires improvement on the real-time capability of the DCA. To assess such capability, formal methods in the research of real-time systems can be employed. The findings of the assessment can provide guideline for the future development of the algorithm. Therefore, in this paper we use an interval logic based method, named the Duration Calculus (DC), to specify a simplified single-cell model of the DCA. Based on the DC specifications with further induction, we find that each individual cell in the DCA can perform its function as a detector in real-time. Since the DCA can be seen as many such cells operating in parallel, it is potentially capable of performing real-time detection. However, the analysis process of the standard DCA constricts its real-time capability. As a result, we conclude that the analysis process of the standard DCA should be replaced by a real-time analysis component, which can perform periodic analysis for the purpose of real-time detection.

Artificial Dendritic Cells: Multi-Faceted Perspectives

Dendritic cells are the crime scene investigators of the human immune system. Their function is to correlate potentially anomalous invading entities with observed damage to the body. The detection of such invaders by dendritic cells results in the activation of the adaptive immune system, eventually leading to the removal of the invader from the host body. This mechanism has provided inspiration for the development of a novel bio-inspired algorithm, the Dendritic Cell Algorithm. This algorithm processes information at multiple levels of resolution, resulting in the creation of information granules of variable structure. In this chapter we examine the multi-faceted nature of immunology and how research in this field has shaped the function of the resulting Dendritic Cell Algorithm. A brief overview of the algorithm is given in combination with the details of the processes used for its development. The chapter is concluded with a discussion of the parallels between our understanding of the human immune system and how such knowledge influences the design of artificial immune systems.