Donnachie, Benjamin; Verrall, Jason; Hopgood, Adrian; Wong, Patrick and Kennedy, Ian (2022).
DOI: https://doi.org/10.1007/978-3-031-21441-7_21
Abstract
The use of artificial immune systems for investigation of cyber-security breaches is presented. Manual reviews of disk images are impractical because of the size of the dataset. Machine-learning algorithms for detection of misuse require labelled training data, which are generally unavailable. They are also necessarily retrospective, so they are unlikely to detect new forms of intrusion. For those reasons, this article proposes the use of artificial immune systems for unsupervised anomaly detection. Specifically, a deterministic dendritic cell algorithm (dDCA) has been implemented that has successfully detected automated SQL injection attacks from sample disk images. For comparison, it outperformed an unsupervised k-means clustering algorithm. However, many significant anomalies were not detected, so further work is required to refine the algorithm using more extensive datasets, and to encode complementary expert knowledge.
About
- Item ORO ID: 85229
- Item Type: Conference or Workshop Item
- Keywords: Anomaly detection; Artificial Immune Systems; Cybersecurity; Dendritic Cell Algorithm; Unsupervised Learning
- Academic Unit or School:
  - Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
  - Faculty of Science, Technology, Engineering and Mathematics (STEM)
  - Other Departments > Other Departments
  - Other Departments
- Depositing User: Benjamin Donnachie