Implementation of dendritic cell algorithm as an anomaly detection method for port scanning attack
Anandita S.a, Rosmansyah Y.a, Dabarsyah B.a, Choi J.U.b
a School of Electrical Engineering and Informatics, Institut Teknologi Bandung, Bandung, West Java, Indonesia
b Sangmyung University, Seoul, South Korea

Abstract
© 2015 IEEE. Port scanning attacks are one of the problems in computer security. Several detection systems have been developed to detect port scanning attacks, one of which is the anomaly detection method. Implementing the detection process in a simpler and more effective way is a serious challenge. In this paper, we design a simple implementation of an anomaly detection system based on the dendritic cell algorithm, which is part of danger theory in artificial immunology systems. To determine whether a reviewed process tends to be anomalous, an anomaly threshold coefficient is defined. The calculated value of the anomaly threshold, 0.4759933, is quite valid and representative for determining the anomalous nature of a process. Based on the test results, the Nmap process, which has an average MCAV value of 0.6164136, can be classified as an anomalous process within the host computer. Meanwhile, the three other reviewed processes, i.e. Bash, SSH, and SCP, always have average MCAV values below the defined anomaly threshold, so they can be classified as normal processes.

Author keywords
Anomaly detection, anomaly threshold, Danger theories, Dendritic cells, MCAV, Port scanning

Indexed keywords
anomaly detection, anomaly threshold, artificial immunology systems, danger theory, dendritic cell, MCAV, Port scanning attack

DOI
https://doi.org/10.1109/ICITSI.2015.7437688