Network Intrusion Detection Using Class Association Rule Mining Based on Genetic Network Programming

Because of the expansion of the Internet in recent years, computer systems are exposed to an increasing number and type of security threats. How to detect network intrusions effectively becomes an important technique. This paper proposes a class association rule mining approach based on genetic network programming (GNP) for detecting network intrusions. This approach can deal with both discrete and continuous attributes in network-related data. And it can be flexibly applied to both misuse detection and anomaly detection. Experimental results with KDD99Cup and DARPA98 database from MIT Lincoln Laboratory shows that the proposed method provides a competitive high detection rate (DR) compared to other machine learning techniques. © 2010 Institute of Electrical Engineers of Japan. Published by John Wiley & Sons, Inc.

[1]  Eugene H. Spafford,et al.  Applying Genetic Programming to Intrusion Detection , 1995 .

[2]  Octavio Nieto-Taladriz,et al.  Improving network security using genetic algorithm approach , 2007, Comput. Electr. Eng..

[3]  Kotaro Hirasawa,et al.  Class Association Rule Mining with Chi-Squared Test Using Genetic Network Programming , 2006, 2006 IEEE International Conference on Systems, Man and Cybernetics.

[4]  Kotaro Hirasawa,et al.  A Double-Deck Elevator Group Supervisory Control System Using Genetic Network Programming , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[5]  Kotaro Hirasawa,et al.  A study of evolutionary multiagent models based on symbiosis , 2006, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[6]  Kotaro Hirasawa,et al.  Genetic Network Programming with Acquisition Mechanisms of Association Rules , 2006, J. Adv. Comput. Intell. Intell. Informatics.

[7]  Wei Lu,et al.  Detecting New Forms of Network Intrusion Using Genetic Programming , 2004, Comput. Intell..

[8]  Salvatore J. Stolfo,et al.  A framework for constructing features and models for intrusion detection systems , 2000, TSEC.

[9]  Salvatore J. Stolfo,et al.  Data Mining Approaches for Intrusion Detection , 1998, USENIX Security Symposium.

[10]  Susan M. Bridges,et al.  FUZZY DATA MINING AND GENETIC ALGORITHMS APPLIED TO INTRUSION DETECTION , 2002 .

[11]  Shingo Mabu,et al.  A Graph-Based Evolutionary Algorithm: Genetic Network Programming (GNP) and Its Extension Using Reinforcement Learning , 2007, Evolutionary Computation.

[12]  Kotaro Hirasawa,et al.  Comparison between Genetic Network Programming (GNP) and Genetic Programming (GP) , 2001, Proceedings of the 2001 Congress on Evolutionary Computation (IEEE Cat. No.01TH8546).