Dendritic Cells for Real-Time Anomaly Detection

Julie Greensmith; Uwe Aickelin

arXiv:1001.2405·cs.AI·July 5, 2010

Dendritic Cells for Real-Time Anomaly Detection

Julie Greensmith, Uwe Aickelin

PDF

TL;DR

This paper introduces an anomaly detection algorithm inspired by dendritic cells of the immune system, tested on port scan detection, showing promising results in distinguishing malicious from normal network activity.

Contribution

It presents a novel immune-inspired algorithm for real-time anomaly detection, specifically applied to port scan detection in network security.

Findings

01

Significant difference in DC behaviour for port scans versus normal activity

02

Effective real-time detection of port scans using the algorithm

03

Potential for immune-inspired methods in cybersecurity

Abstract

Dendritic Cells (DCs) are innate immune system cells which have the power to activate or suppress the immune system. The behaviour of human of human DCs is abstracted to form an algorithm suitable for anomaly detection. We test this algorithm on the real-time problem of port scan detection. Our results show a significant difference in artificial DC behaviour for an outgoing portscan when compared to behaviour for normal processes.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.