CRNE May 31, 2013

The Dendritic Cell Algorithm for Intrusion Detection

arXiv:1305.7416v1
Originality: Synthesis-oriented
AI Analysis

This work addresses intrusion detection problems for cybersecurity applications, but it is incremental as it builds on existing DCA methods.

The paper reviews the Dendritic Cell Algorithm (DCA) as a candidate for intrusion detection, highlighting its advantages and presenting improvements like online analysis and automated preprocessing that show promising preliminary results for anomaly-based detection.

As one of the solutions to intrusion detection problems, Artificial Immune Systems (AIS) have shown their advantages. Unlike genetic algorithms, there is no one archetypal AIS; instead, there are four major paradigms. Among them, the Dendritic Cell Algorithm (DCA) has produced promising results in various applications. The aim of this chapter is to demonstrate the potential for the DCA as a suitable candidate for intrusion detection problems. We review some of the commonly used AIS paradigms for intrusion detection problems and demonstrate the advantages of one particular algorithm, the DCA. In order to clearly describe the algorithm, the background to its development and a formal definition are given. In addition, improvements to the original DCA are presented and their implications are discussed, including previous work done on an online analysis component with segmentation and ongoing work on automated data preprocessing. Based on preliminary results, both improvements appear to be promising for online anomaly-based intrusion detection.
