Network intrusion detection using fuzzy class association rule mining based on genetic network programming

Authors:
Ci Chen;Shingo Mabu;Chuan Yue;Kaoru Shimada;Kotaro Hirasawa
Affiliations:
Graduate School of Information, Production and Systems, Waseda University, Fukuoka, Japan;Graduate School of Information, Production and Systems, Waseda University, Fukuoka, Japan;Graduate School of Information, Production and Systems, Waseda University, Fukuoka, Japan;Graduate School of Information, Production and Systems, Waseda University, Fukuoka, Japan;Graduate School of Information, Production and Systems, Waseda University, Fukuoka, Japan
Venue:
SMC'09 Proceedings of the 2009 IEEE international conference on Systems, Man and Cybernetics
Year:
2009

Citing 5
Cited 0

A framework for constructing features and models for intrusion detection systems

ACM Transactions on Information and System Security (TISSEC)
Data mining approaches for intrusion detection

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A Graph-Based Evolutionary Algorithm: Genetic Network Programming (GNP) and Its Extension Using Reinforcement Learning

Evolutionary Computation
A Double-Deck Elevator Group Supervisory Control System Using Genetic Network Programming

IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
A study of evolutionary multiagent models based on symbiosis

IEEE Transactions on Systems, Man, and Cybernetics, Part B: Cybernetics

Quantified Score

Hi-index	0.00

Visualization

Abstract

Computer Systems are exposed to an increasing number and type of security threats due to the expanding of internet in recent years. How to detect network intrusions effectively becomes an important techniques. This paper presents a novel fuzzy class association rule mining method based on Genetic Network Programming(GNP) for detecting network intrusions. GNP is an evolutionary optimization techniques, which uses directed graph structures as genes instead of strings(Genetic Algorithm) or trees(Genetic Programming), leading to creating compact programs and implicitly memorizing past action sequences. By combining fuzzy set theory with GNP, the proposed method can deal with the mixed database which contains both discrete and continuous attributes. And it can be flexibly applied to both misuse and anomaly detection in Network Intrusion Detection Problem. Experimental results with KDD99Cup and DAPRA98 databases from MIT Lincoln Laboratory show that the proposed method provides a competitively high detection rate compared with other machine learning techniques.