A Dendritic Cell Algorithm Based Approach for Malicious TCP Port Scanning Detection

Abstract

The proliferation of cyber-attacks brings up an urgent need to develop sophisticated detection tools. Some of these tools are based on algorithms inspired from the Human Immune System (HIS). The Dendritic Cell Algorithm (DCA) is one of such HIS inspired methods, which is based on the Danger model. In the current study, two kinds of DCA algorithms (deterministic and classical DCA) are analyzed in order to detect DoS attacks. Moreover, this paper discusses the enhancement of the DCA algorithm to cover the detection of malicious TCP port scanning. By using different use-cases, the evaluation and results are accumulated to show the efficiency of the DCA algorithm used in the Port scanning detection.