A New Intrusion Detection System Using the Improved Dendritic Cell Algorithm

Abstract

The dendritic cell algorithm (DCA) as one of the emerging evolutionary algorithms is based on the behavior of the specific immune agents, known as dendritic cells (DCs). DCA has several potentially beneficial features for binary classification problems. In this paper, we aim at providing a new version of this immune-inspired mechanism acts as a semi-supervised classifier, which can be a defensive shield in network intrusion detection problem. Till now, no strategy or idea has been adopted on the $Get_{Antigen()}$ function on the detection phase, but random sampling entails the DCA to provide undesirable results in several cycles at each time. This leads to uncertainty. Whereas it must be accomplished by biological behaviors of DCs in peripheral tissues, we have proposed a novel strategy that exactly acts based on its immunological functionalities of dendritic cells. The proposed mechanism focuses on two items: first, to obviate the challenge of needing to have a preordered antigen set for computing danger signal, and the second, to provide a novel immune-inspired idea for nonrandom data sampling. A variable functional migration threshold is also computed cycle by cycle that shows the necessity of the migration threshold flexibility. A significant criterion so-called capability of intrusion detection (CID) is used for tests. All the tests have been performed in a new benchmark dataset named UNSW-NB15. Experimental consequences demonstrate that the present schema as the best version among improved DC algorithms achieves 76.69% CID by 90% accuracy and outperforms its counterpart methods.