Master of Science (MS)
The proliferation of cyber-attacks is accompanied by an urgent need to develop sophisticated detection tools. Some of these tools are based on algorithms inspired by the Human Immune System (HIS). The Dendritic Cell Algorithm (DCA) is one such HIS-inspired method, and it is based on the danger theory model. In this thesis, two types of DCA are identified, namely the deterministic and the classical DCA, in order to improve the algorithm's applicability and performance in detecting TCP port scanning. The algorithm consists of components based on the behavior of human dendritic cells and involves four categories of input signals. The ultimate goal of this research is to describe the DCA, implement both types of DCA in Java, and test these implementations with data collected from a real TCP port scan experiment. Three scenarios are conducted in this experiment: attack, normal, and mixed. The results show that the DCA can be applied to detect anomalous port scans. The research also compares the performance of the two DCAs in detecting the malicious process.
Al Masalmeh, Nuha Yousef, "A Dendritic Cell Algorithm Based Approach for Malicious TCP Port Scanning Detection" (2019). Information Security Theses. 3.