Multiobjective classification with moGEP: an application in the network traffic domain

The paper proposes a multiobjective approach to the problem of malicious network traffic classification, with specificity and sensitivity criteria as the objective functions. A multiobjective version of Gene Expression Programming (GEP), called moGEP, is proposed and applied to find proper classifiers in the multiobjective search space. The purpose of the classifiers is to discriminate information about the network traffic obtained from the Idiotypic Network-based Intrusion Detection System (INIDS), transformed into time series. The proposed approach is validated using the network traffic simulator ns2. Classifiers of high accuracy are obtained, and their diversity offers interesting possibilities to the domain of network security.
