A PSO-Based Approach to Rule Learning in Network Intrusion Detection

Keeping rules up to date is key to the success of a rule-based network intrusion detection system (IDS), because new attacks appear endlessly. To efficiently extract classification rules from vast amounts of network traffic data, this paper presents a new approach based on Particle Swarm Optimization (PSO) and introduces a new coding scheme called "indexical coding", suited to the characteristics of network traffic data. PSO is a novel optimization technique that has shown high performance on numeric problems, but little research has been reported on its use in rule learning for IDS, which requires a high-level representation of the individual. This paper studies that use and demonstrates its performance on the 1999 KDD Cup data. The results show the feasibility and effectiveness of the approach.
