Sciweavers

ICNC
2005
Springer

Applying Genetic Programming to Evolve Learned Rules for Network Anomaly Detection

14 years 4 months ago
Applying Genetic Programming to Evolve Learned Rules for Network Anomaly Detection
The DARPA/MIT Lincoln Laboratory off-line intrusion detection evaluation data set is the most widely used public benchmark for testing intrusion detection systems. But the presence of simulation artifacts attributes would cause many attacks in this dataset to be easily detected. In order to eliminate their influence on intrusion detection, we simply omit these attributes in the processes of both training and testing. We also present a GP-based rule learning approach for detecting attacks on network. GP is used to evolve new rules from the initial learned rules through genetic operations. Our results show that GP-based rule learning approach outperforms the original rule learning algorithm, detecting 84 of 148 attacks at 100 false alarms despite the absence of several simulation artifacts attributes.
Chuanhuan Yin, Shengfeng Tian, Houkuan Huang, Jun
Added 27 Jun 2010
Updated 27 Jun 2010
Type Conference
Year 2005
Where ICNC
Authors Chuanhuan Yin, Shengfeng Tian, Houkuan Huang, Jun He
Comments (0)