A boosting genetic fuzzy classifier for intrusion detection using data mining techniques for rule pre-screening

Authors:
Tansel Özyer;Reda Alhajj;Ken Barker
Affiliations:
ADSA Lab, Department of Computer Science, University of Calgary, Calgary, Alberta, T2N 1N4, Canada;ADSA Lab, Department of Computer Science, University of Calgary, Calgary, Alberta, T2N 1N4, Canada;ADSA Lab, Department of Computer Science, University of Calgary, Calgary, Alberta, T2N 1N4, Canada
Venue:
Design and application of hybrid intelligent systems
Year:
2003

Citing 11
Cited 2

An Intrusion-Detection Model

IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Intrusion detection with neural networks

NIPS '97 Proceedings of the 1997 conference on Advances in neural information processing systems 10
Genetic Algorithms in Search, Optimization and Machine Learning

Genetic Algorithms in Search, Optimization and Machine Learning
Uniform Crossover in Genetic Algorithms

Proceedings of the 3rd International Conference on Genetic Algorithms
Fuzzy Data Mining: Effect of Fuzzy Discretization

ICDM '01 Proceedings of the 2001 IEEE International Conference on Data Mining
Fast Algorithms for Mining Association Rules in Large Databases

VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Fuzzy Rule Selection By Data Mining Criteria And Genetic Algorithms

GECCO '02 Proceedings of the Genetic and Evolutionary Computation Conference
ADMIT: anomaly-based data mining for intrusions

Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
An Architecture for Intrusion Detection Using Autonomous Agents

ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
An immunological model of distributed detection and its application to computer security

An immunological model of distributed detection and its application to computer security
Intrusion detection using sequences of system calls

Journal of Computer Security

Genetic-fuzzy rule mining approach and evaluation of feature selection techniques for anomaly intrusion detection

Pattern Recognition
Multi criteria decision methods for coordinating case-based agents

MATES'09 Proceedings of the 7th German conference on Multiagent system technologies

Quantified Score

Hi-index	0.00

Visualization

Abstract

The purpose of the work described in this paper is to provide an intelligent intruion detection system (IIDS) that uses data mining techniques, namely classificatian and association rules mining for predicting different behaviours in networked computers. To achieve this, we propose a method based on iterative rule learning using a fuzzy rule based genetic classifier. Our approach involves two stages. First, a large number of candidate rules are generated for each class using fuzzy association rules mining and pre-screened using two rule evaluation criteria in order to reduce the fuzzy rule search space. Candidate rides, obtained after pre-screening, are used in genetic fuzzy classifier to generate rules for the classes specified in IIDS, namely Normal, PRB-probe, DOS-denial of service, U2R-user to root mad R2L- remote to local. During the second stage, boosting genetic algorithm is employed respectively for each class to find its fuzzy rules required to classify data; each time a fuzzy rule is extracted and included in the system. The boosting mechanism evaluates the weight of each data item to help the rule extraction mechanism focus more on data having relatively more weight, i.e., uucovered less by the rules extracted until the current iteration. Each extracted fuzzy rule is assigned a weight. Weighted fuzzy rules in each class are aggregated to find the vote of each class label for each data item. Experimental results demonstrate the effectiveness of the proposed approach.