Abstract
As an immune-inspired algorithm, the Dendritic Cell Algorithm (DCA), produces promising performance in the field of anomaly detection. This paper presents the application of the DCA to a standard data set, the KDD 99 data set. The results of different implementation versions of the DCA, including antigen multiplier and moving time windows, are reported. The real-valued Negative Selection Algorithm (NSA) using constant-sized detectors and the C4.5 decision tree algorithm are used, to conduct a baseline comparison. The results suggest that the DCA is applicable to KDD 99 data set, and the antigen multiplier and moving time windows have the same effect on the DCA for this particular data set. The real-valued NSA with contant-sized detectors is not applicable to the data set. And the C4.5 decision tree algorithm provides a benchmark of the classification performance for this data set.
Keywords
- Receiver Operating Characteristic
- Intrusion Detection
- Anomaly Detection
- Decision Tree Algorithm
- Antigen Type
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Aickelin, U., Bentley, P., Cayzer, S., Kim, J., McLeod, J.: Danger Theory: The Link between AIS and IDS. In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 147–155. Springer, Heidelberg (2003)
Eskin, E., Arnold, A., Prerau, M., Portnoy, L., Stolfo, S.: A geometric framework for unsupervised anomaly detection: Detecing intrusions in unlabled data. In: Barbara, D., Jajodia, S. (eds.) Applications of Data Mining in Computer Security, ch. 4. Kluwer, Dordrecht (2002)
Gonzalez, A., Dasgupta, D.: Anomaly Detection Using Real-Valued Negative Selection. Genetic Programming and Evolvable Machines 4(4), 383–403 (2004)
Greensmith, J., Aickelin, U.: DCA for SYN Scan Detection. In: Genetic and Evolutionary Computation Conference (GECCO), pp. 49–56 (2007)
Greensmith, J., Aickelin, U., Cayzer, S.: Introducing Dendritic Cells as a Novel Immune-Inspired Algorithm for Anomaly Detection. In: Jacob, C., Pilat, M.L., Bentley, P.J., Timmis, J.I. (eds.) ICARIS 2005. LNCS, vol. 3627, pp. 153–167. Springer, Heidelberg (2005)
Greensmith, J., Twycross, J., Aickelin, U.: Articulation and Clarification of the Dendritic Cell Algorithm. In: Bersini, H., Carneiro, J. (eds.) ICARIS 2006. LNCS, vol. 4163, pp. 404–417. Springer, Heidelberg (2006)
Hettich, S., Bay, S.D.: The UCI KDD Archive. Technical report, University of California, Department of Information and Computer Science, Irvine, CA (1999), http://kdd.ics.uci.edu
MIT Lincoln Lab Information System Technology Group. The 1998 Intrusion Detection Off-line Evaluation Plan (March 1998), http://www.ll.mit.edu/IST/ideval/data/1998/
Ji, Z., Dasgupta, D.: Applicability Issues of the Real-Valued Negative Selecion Algorithms. In: Genetic and Evolutionary Computation Conference (GECCO), pp. 111–118 (2006)
Kayacik, N., Zincir-Heywood, G., Heywood, M.: On the Capability of an SOM based Intrusion Detection System. In: Proceedings of International Joint Conference on Neural Networks, vol. 3, pp. 1808–1813 (2003)
Kayacik, N., Zincir-Heywood, G., Heywood, M.: Selecting Features for Intrusion Detection: A Feature Relevance Analysis on KDD 1999 Intrusion Detection Datasets. In: Third Annual Conference on Privacy, Security and Trust (PST) (2005)
Levin, I.: KDD 1999 Classifier Learning Contest: LLSoft’s Results Overview. SIGKDD Explorations 1(2), 67–75 (2000)
Mitchell, T.M.: Machine Learning. McGraw-Hill Series in Computer Science. McGraw-Hill, New York (1997)
Witten, I.H., Frank, E.: Data Mining: Practical machine learning tools and techniques, 2nd edn. Morgan Kaufmann, San Francisco (2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gu, F., Greensmith, J., Aickelin, U. (2008). Further Exploration of the Dendritic Cell Algorithm: Antigen Multiplier and Time Windows. In: Bentley, P.J., Lee, D., Jung, S. (eds) Artificial Immune Systems. ICARIS 2008. Lecture Notes in Computer Science, vol 5132. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85072-4_13
Download citation
DOI: https://doi.org/10.1007/978-3-540-85072-4_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85071-7
Online ISBN: 978-3-540-85072-4
eBook Packages: Computer ScienceComputer Science (R0)