Engineering and Information Technology Collected Works - Research Publications

Permanent URI for this collection

http://hdl.handle.net/11343/356

Filters

2005 - 2009 9
9
Reset filters

Settings
Statistics
Citations
Start date: 2000 × End date: 2009 × Type: Chapter ×

Search Results

Now showing 1 - 9 of 9
  • Item
    Thumbnail Image
    Self-Organizing Maps in Computer Security
    Feyereisl, J ; Aickelin, U ; Hopkins, RD ; Tokere, WP (Computer Security: Intrusion, Detection and Prevention, 2009)
    Some argue that biologically inspired algorithms are the future of solving difficult problems in computer science. Others strongly believe that the future lies in the exploration of mathematical foundations of problems at hand. The field of computer security tends to accept the latter view as a more appropriate approach due to its more workable validation and verification possibilities. The lack of rigorous scientific practices prevalent in biologically inspired security research does not aid in presenting bio-inspired security approaches as a viable way of dealing with complex security problems. This chapter introduces a biologically inspired algorithm, called the Self- Organising Map (SOM), that was developed by Teuvo Kohonen in 1981. Since the algorithm’s inception it has been scrutinised by the scientific community and analysed in more than 4000 research papers, many of which dealt with various computer security issues, from anomaly detection, analysis of executables all the way to wireless network monitoring. In this chapter a review of security related SOM research undertaken in the past is presented and analysed. The algorithm’s biological analogies are detailed and the author’s view on the future possibilities of this successful bio-inspired approach are given. The SOM algorithm’s close relation to a number of vital functions of the human brain and the emergence of multi-core computer architectures are the two main reasons behind our assumption that the future of the SOM algorithm and its variations is promising, notably in the field of computer security.
  • Item
    Thumbnail Image
    Artificial Dendritic Cells: Multi-faceted Perspectives
    Greensmith, J ; Aickelin, U ; Bargiela, A ; Pedrycz, W (Human-Centric Information Processing Through Granular Modelling, 2009)
    Dendritic cells are the crime scene investigators of the human immune system. Their function is to correlate potentially anomalous invading entities with observed damage to the body. The detection of such invaders by dendritic cells results in the activation of the adaptive immune system, eventually leading to the removal of the invader from the host body. This mechanism has provided inspiration for the development of a novel bio-inspired algorithm, the Dendritic Cell Algorithm. This algorithm processes information at multiple levels of resolution, resulting in the creation of information granules of variable structure. In this chapter we examine the multi-faceted nature of immunology and how research in this field has shaped the function of the resulting Dendritic Cell Algorithm. A brief overview of the algorithm is given in combination with the details of the processes used for its development. The chapter is concluded with a discussion of the parallels between our understanding of the human immune system and how such knowledge influences the design of artificial immune systems.
  • Item
    Thumbnail Image
    Detecting Danger: The Dendritic Cell Algorithm
    Greensmith, J ; Aickelin, U ; Cayzer, S ; Schuster, A (Springer, 2008)
    The Dendritic Cell Algorithm (DCA) is inspired by the function of the dendritic cells of the human immune system. In nature, dendritic cells are the intrusion detection agents of the human body, policing the tissue and organs for potential invaders in the form of pathogens. In this research, an abstract model of dendritic cell (DC) behavior is developed and subsequently used to form an algorithm-the DCA. The abstraction process was facilitated through close collaboration with laboratory-based immunologists, who performed bespoke experiments, the results of which are used as an integral part of this algorithm. The DCA is a population-based algorithm, with each agent in the system represented as an artificial DC. Each DC has the ability to combine multiple data streams and can add context to data suspected as anomalous. In this chapter, the abstraction process and details of the resultant algorithm are given. The algorithm is applied to numerous intrusion detection problems in computer security including the detection of port scans and botnets, where it has produced impressive results with relatively low rates of false positives.
  • Item
    Thumbnail Image
    An Immune Inspired Approach to Anomaly Detection
    Twycross, J ; Aickelin, U ; Gupta, JND ; Sharma, S (Handbook of Research on Information Security and Assurance, 2009)
    The immune system provides a rich metaphor for computer security: anomaly detection that works in nature should work for machines. However, early artificial immune system approaches for computer security had only limited success. Arguably, this was due to these artificial systems being based on too simplistic a view of the immune system. We present here a second generation artificial immune system for process anomaly detection. It improves on earlier systems by having different artificial cell types that process information. Following detailed information about how to build such second generation systems, we find that communication between cells types is key to performance. Through realistic testing and validation, we show that second generation artificial immune systems are capable of anomaly detection beyond generic system policies. The chapter concludes with a discussion and outline of the next steps in this exciting area of computer security.
  • Item
    Thumbnail Image
    Multi-Agent Simulation and Management Practices
    Siebers, P-O ; Aickelin, U ; Celia, H ; Clegg, C ; Adam, F ; Humphreys, P (IGI Global, 2008)
    Intelligent agents offer a new and exciting way of understanding the world of work. Agent-based simulation (ABS), one way of using intelligent agents, carries great potential for progressing our understanding of management practices and how they link to retail performance. We have developed simulation models based on research by a multidisciplinary team of economists, work psychologists, and computer scientists. We will discuss our experiences of implementing these concepts working with a well-known retail department store. There is no doubt that management practices are linked to the performance of an organisation (Reynolds, Howard, Dragun, Rosewell, & Ormerod, 2005; Wall & Wood, 2005). Best practices have been developed, but when it comes down to the actual application of these guidelines considerable ambiguity remains regarding their effectiveness within particular contexts (Siebers, Aickelin, Battisti, et al., 2008). Most operational research (OR) methods can only be used as analysis tools once management practices have been implemented. Often they are not very useful for giving answers to speculative “what-if” questions, particularly when one is interested in the development of the system over time rather than just the state of the system at a certain point in time. Simulation can be used to analyse the operation of dynamic and stochastic systems. ABS is particularly useful when complex interactions between system entities exist, such as autonomous decision making or negotiation. In an ABS model the researcher explicitly describes the decision process of simulated actors at the micro level. Structures emerge at the macro level as a result of the actions of the agents and their interactions with other agents and the environment. We will show how ABS experiments can deal with testing and optimising management practices such as training, empowerment or teamwork. Hence, questions such as “will staff setting their own break times improve performance?” can be investigated.
  • Item
    Thumbnail Image
    Introduction to Multi-Agent Simulation
    Siebers, P-O ; Aickelin, U ; Adam, F ; Humphreys, P (IGI Global, 2008)
    When designing systems that are complex, dynamic, and stochastic in nature, simulation is generally recognised as one of the best design support technologies, and a valuable aid in the strategic and tactical decision- making process. A simulation model consists of a set of rules that define how a system changes over time, given its current state. Unlike analytical models, a simulation model is not solved but is run and the changes of system states can be observed at any point in time. This provides an insight into system dynamics rather than just predicting the output of a system based on specific inputs. Simulation is not a decision making tool but a decision support tool, allowing better informed decisions to be made. Due to the complexity of the real world, a simulation model can only be an approximation of the target system. The essence of the art of simulation modelling is abstraction and simplification. Only those characteristics that are important for the study and analysis of the target system should be included in the simulation model.
  • Item
    Thumbnail Image
    A Bayesian Optimization Algorithm for Nurse Scheduling
    Li, J ; Aickelin, U ; Pelikan, M ; Sastry, K ; Cantú-Paz, E (Springer Nature, 2006)
    Our research has shown that schedules can be built mimicking a human scheduler by using a set of rules that involve domain knowledge. This chapter presents a Bayesian Optimization Algorithm (BOA) for the nurse scheduling problem that chooses such suitable scheduling rules from a set for each nurse’s assignment. Based on the idea of using probabilistic models, the BOA builds a Bayesian network for the set of promising solutions and samples these networks to generate new candidate solutions. Computational results from 52 real data instances demonstrate the success of this approach. It is also suggested that the learning mechanism in the proposed algorithm may be suitable for other scheduling problems.
  • Item
    Thumbnail Image
    Modelling Immunological Memory
    Garret, S ; Robbins, M ; Walker, J ; Wilson, W ; Aickelin, U ; Flower, D ; Timmis, J (Springer, 2007)
    Accurate immunological models offer the possibility of performing high- throughput experiments in silico that can predict, or at least suggest, in vivo phenomena. In this chapter, we compare various models of immunological memory. We first validate an experimental immunological simulator, developed by the authors, by simulating several theories of immunological memory with known results. We then use the same system to evaluate the predicted effects of a theory of immunological memory. The resulting model has not been explored before in artificial immune systems research, and we compare the simulated in silico output with in vivo measurements. Although the theory appears valid, we suggest that there are a common set of reasons why immunological memory models are a useful support tool; not conclusive in themselves.
  • Item
    Thumbnail Image
    Artificial Immune Systems
    Aickelin, U ; Dasgupta, D ; Burke, EK ; Kendall, G (Springer, 2005)
    The biological immune system is a robust, complex, adaptive system that defends the body from foreign pathogens. It is able to categorize all cells (or molecules) within the body as self-cells or nonself cells. It does this with the help of a distributed task force that has the intelligence to take action from a local and also a global perspective using its network of chemical messengers for communication. There are two major branches of the immune system. The innate immune system is an unchanging mechanism that detects and destroys certain invading organisms, whilst the adaptive immune system responds to previously unknown foreign cells and builds a response to them that can remain in the body over a long period of time. This remarkable information processing biological system has caught the attention of computer science in recent years.