Advertisement

Further Exploration of the Dendritic Cell Algorithm: Antigen Multiplier and Time Windows

  • Feng Gu
  • Julie Greensmith
  • Uwe Aickelin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5132)

Abstract

As an immune-inspired algorithm, the Dendritic Cell Algorithm (DCA), produces promising performance in the field of anomaly detection. This paper presents the application of the DCA to a standard data set, the KDD 99 data set. The results of different implementation versions of the DCA, including antigen multiplier and moving time windows, are reported. The real-valued Negative Selection Algorithm (NSA) using constant-sized detectors and the C4.5 decision tree algorithm are used, to conduct a baseline comparison. The results suggest that the DCA is applicable to KDD 99 data set, and the antigen multiplier and moving time windows have the same effect on the DCA for this particular data set. The real-valued NSA with contant-sized detectors is not applicable to the data set. And the C4.5 decision tree algorithm provides a benchmark of the classification performance for this data set.

Keywords

Receiver Operating Characteristic Intrusion Detection Anomaly Detection Decision Tree Algorithm Antigen Type 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Aickelin, U., Bentley, P., Cayzer, S., Kim, J., McLeod, J.: Danger Theory: The Link between AIS and IDS. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 147–155. Springer, Heidelberg (2003)Google Scholar
  2. 2.
    Eskin, E., Arnold, A., Prerau, M., Portnoy, L., Stolfo, S.: A geometric framework for unsupervised anomaly detection: Detecing intrusions in unlabled data. In: Barbara, D., Jajodia, S. (eds.) Applications of Data Mining in Computer Security, ch. 4. Kluwer, Dordrecht (2002)Google Scholar
  3. 3.
    Gonzalez, A., Dasgupta, D.: Anomaly Detection Using Real-Valued Negative Selection. Genetic Programming and Evolvable Machines 4(4), 383–403 (2004)CrossRefGoogle Scholar
  4. 4.
    Greensmith, J., Aickelin, U.: DCA for SYN Scan Detection. In: Genetic and Evolutionary Computation Conference (GECCO), pp. 49–56 (2007)Google Scholar
  5. 5.
    Greensmith, J., Aickelin, U., Cayzer, S.: Introducing Dendritic Cells as a Novel Immune-Inspired Algorithm for Anomaly Detection. In: Jacob, C., Pilat, M.L., Bentley, P.J., Timmis, J.I. (eds.) ICARIS 2005. LNCS, vol. 3627, pp. 153–167. Springer, Heidelberg (2005)Google Scholar
  6. 6.
    Greensmith, J., Twycross, J., Aickelin, U.: Articulation and Clarification of the Dendritic Cell Algorithm. In: Bersini, H., Carneiro, J. (eds.) ICARIS 2006. LNCS, vol. 4163, pp. 404–417. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. 7.
    Hettich, S., Bay, S.D.: The UCI KDD Archive. Technical report, University of California, Department of Information and Computer Science, Irvine, CA (1999), http://kdd.ics.uci.edu
  8. 8.
    MIT Lincoln Lab Information System Technology Group. The 1998 Intrusion Detection Off-line Evaluation Plan (March 1998), http://www.ll.mit.edu/IST/ideval/data/1998/
  9. 9.
    Ji, Z., Dasgupta, D.: Applicability Issues of the Real-Valued Negative Selecion Algorithms. In: Genetic and Evolutionary Computation Conference (GECCO), pp. 111–118 (2006)Google Scholar
  10. 10.
    Kayacik, N., Zincir-Heywood, G., Heywood, M.: On the Capability of an SOM based Intrusion Detection System. In: Proceedings of International Joint Conference on Neural Networks, vol. 3, pp. 1808–1813 (2003)Google Scholar
  11. 11.
    Kayacik, N., Zincir-Heywood, G., Heywood, M.: Selecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 1999 Intrusion Detection Datasets. In: Third Annual Conference on Privacy, Security and Trust (PST) (2005)Google Scholar
  12. 12.
    Levin, I.: KDD 1999 Classifier Learning Contest: LLSoft’s Results Overview. SIGKDD Explorations 1(2), 67–75 (2000)CrossRefGoogle Scholar
  13. 13.
    Mitchell, T.M.: Machine Learning. McGraw-Hill Series in Computer Science. McGraw-Hill, New York (1997)zbMATHGoogle Scholar
  14. 14.
    Witten, I.H., Frank, E.: Data Mining: Practical machine learning tools and techniques, 2nd edn. Morgan Kaufmann, San Francisco (2005)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Feng Gu
    • 1
  • Julie Greensmith
    • 1
  • Uwe Aickelin
    • 1
  1. 1.School of Computer ScienceUniversity of NottinghamUK

Personalised recommendations