Adaptation in natural and artificial systems
Adaptation in natural and artificial systems
Data mining: practical machine learning tools and techniques with Java implementations
Data mining: practical machine learning tools and techniques with Java implementations
A framework for constructing features and models for intrusion detection systems
ACM Transactions on Information and System Security (TISSEC)
Improving the Performance of Genetic Algorithms in Classifier Systems
Proceedings of the 1st International Conference on Genetic Algorithms
XCS and GALE: A Comparative Study of Two Learning Classifier Systems on Data Mining
IWLCS '01 Revised Papers from the 4th International Workshop on Advances in Learning Classifier Systems
Results of the KDD'99 classifier learning
ACM SIGKDD Explorations Newsletter
For real! XCS with continuous-valued inputs
Evolutionary Computation
Learning Rules for Anomaly Detection of Hostile Network Traffic
ICDM '03 Proceedings of the Third IEEE International Conference on Data Mining
Correlating Intrusion Events and Building Attack Scenarios Through Attack Graph Distances
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Rule-based evolutionary online learning systems: learning bounds, classification, and prediction
Rule-based evolutionary online learning systems: learning bounds, classification, and prediction
Be real! XCS with continuous-valued inputs
GECCO '05 Proceedings of the 7th annual workshop on Genetic and evolutionary computation
A Study of Structural and Parametric Learning in XCS
Evolutionary Computation
Bounding XCS's parameters for unbalanced datasets
Proceedings of the 8th annual conference on Genetic and evolutionary computation
UCSpv: principled voting in UCS rule populations
Proceedings of the 9th annual conference on Genetic and evolutionary computation
Classifier fitness based on accuracy
Evolutionary Computation
Improving performance in size-constrained extended classifier systems
GECCO'03 Proceedings of the 2003 international conference on Genetic and evolutionary computation: PartII
Analyzing parameter sensitivity and classifier representations for real-valued XCS
IWLCS'03-05 Proceedings of the 2003-2005 international conference on Learning classifier systems
The role of early stopping and population size in XCS for intrusion detection
SEAL'06 Proceedings of the 6th international conference on Simulated Evolution And Learning
Toward a theory of generalization and learning in XCS
IEEE Transactions on Evolutionary Computation
Using Self-Organizing Maps with Learning Classifier System for Intrusion Detection
PRICAI '08 Proceedings of the 10th Pacific Rim International Conference on Artificial Intelligence: Trends in Artificial Intelligence
A grid data mining architecture for learning classifier systems
WSEAS Transactions on Computers
On the appropriateness of evolutionary rule learning algorithms for malware detection
Proceedings of the 11th Annual Conference Companion on Genetic and Evolutionary Computation Conference: Late Breaking Papers
An adaptive genetic-based signature learning system for intrusion detection
Expert Systems with Applications: An International Journal
Review: The use of computational intelligence in intrusion detection systems: A review
Applied Soft Computing
Proceedings of the 12th annual conference companion on Genetic and evolutionary computation
PCA for improving the performance of XCSR in classification of high-dimensional problems
Proceedings of the 13th annual conference companion on Genetic and evolutionary computation
Multi objective learning classifier systems based hyperheuristics for modularised fleet mix problem
SEAL'12 Proceedings of the 9th international conference on Simulated Evolution and Learning
Proceedings of the 15th annual conference companion on Genetic and evolutionary computation
| Hi-index | 0.00 |
Evolutionary Learning Classifier Systems (LCSs) combine reinforcement learning or supervised learning with effective genetics-based search techniques. Together these two mechanisms enable LCSs to evolve solutions to decision problems in the form of easy to interpret rules called classifiers. Although LCSs have shown excellent performance on some data mining tasks, many enhancements are still needed to tackle features like high dimensionality, huge data sizes, non-uniform distribution of classes, etc. Intrusion detection is a real world problem where such challenges exist and to which LCSs have not previously been applied. An intrusion detection problem is characterised by huge network traffic volumes, difficult to realize decision boundaries between attacks and normal activities and highly imbalanced attack class distribution. Moreover, it demands high accuracy, fast processing times and adaptability to a changing environment. We present the results and analysis of two classifier systems (XCS and UCS) on a subset of a publicly available benchmark intrusion detection dataset which features serious class imbalances and two very rare classes. We introduce a better approach for handling the situation when no rules match an input on the test set and recommend this be adopted as a standard part of XCS and UCS. We detect little sign of overfitting in XCS but somewhat more in UCS. However, both systems tend to reach near-best performance in very few passes over the training data. We improve the accuracy of these systems with several modifications and point out aspects that can further enhance their performance. We also compare their performance with other machine learning algorithms and conclude that LCSs are a competitive approach to intrusion detection.