Genetic programming (videotape): the movie
Genetic programming (videotape): the movie
Wide area traffic: the failure of Poisson modeling
IEEE/ACM Transactions on Networking (TON)
The 1999 DARPA off-line intrusion detection evaluation
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Data Mining Using Grammar-Based Genetic Programming and Applications
Data Mining Using Grammar-Based Genetic Programming and Applications
Learning nonstationary models of normal network traffic for detecting novel attacks
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
A machine learning approach to detecting attacks by identifying anomalies in network traffic
A machine learning approach to detecting attacks by identifying anomalies in network traffic
Learning Rules for Anomaly Detection of Hostile Network Traffic
ICDM '03 Proceedings of the Third IEEE International Conference on Data Mining
Network traffic anomaly detection based on packet bytes
Proceedings of the 2003 ACM symposium on Applied computing
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
A grammatical evolution approach to intrusion detection on mobile ad hoc networks
Proceedings of the second ACM conference on Wireless network security
Review: The use of computational intelligence in intrusion detection systems: A review
Applied Soft Computing
CANS'07 Proceedings of the 6th international conference on Cryptology and network security
Hi-index | 0.00 |
The DARPA/MIT Lincoln Laboratory off-line intrusion detection evaluation data set is the most widely used public benchmark for testing intrusion detection systems. But the presence of simulation artifacts attributes would cause many attacks in this dataset to be easily detected. In order to eliminate their influence on intrusion detection, we simply omit these attributes in the processes of both training and testing. We also present a GP-based rule learning approach for detecting attacks on network. GP is used to evolve new rules from the initial learned rules through genetic operations. Our results show that GP-based rule learning approach outperforms the original rule learning algorithm, detecting 84 of 148 attacks at 100 false alarms despite the absence of several simulation artifacts attributes.