论文信息 - Applying Local Search and Genetic Evolution in Concept Learning Systems to Detect Intrusion in Computer Networks

Applying Local Search and Genetic Evolution in Concept Learning Systems to Detect Intrusion in Computer Networks

The detection of intrusions over computer networks (i.e., network access by non-authorized users) can be cast to the task of detecting anomalous patterns of network traffic. In this case, models of normal traffic have to be determined and compared against the current network traffic. We compare models of network traffic acquired by a system based on a distributed genetic algorithm with the ones acquired by a system based on greedy heuristics. Also we show that representation change of the network data can result in a significant increase in the classification performances of the traffic models. Network data made available from the Information Exploration Shootout project has been chosen as experimental testbed.

Filippo Neri | Mirko Mischiatti

[1] Filippo Neri. Mining TCP/IP Traffic for Network Intrusion Detection by Using a Distributed Genetic Algorithm , 2000, ECML.

[2] J. Ross Quinlan,et al. C4.5: Programs for Machine Learning , 1992 .

[3] Terran Lane,et al. An Application of Machine Learning to Anomaly Detection , 1999 .

[4] Filippo Neri,et al. Exploring the Power of Genetic Search in Learning Symbolic Classifiers , 1996, IEEE Trans. Pattern Anal. Mach. Intell..

[5] Ryszard S. Michalski,et al. A Theory and Methodology of Inductive Learning , 1983, Artificial Intelligence.

[6] John J. Grefenstette,et al. A Coevolutionary Approach to Learning Sequential Decision Rules , 1995, ICGA.

[7] Filippo Neri,et al. Search-Intensive Concept Induction , 1995, Evolutionary Computation.

[8] Michael Schatz,et al. Learning Program Behavior Profiles for Intrusion Detection , 1999, Workshop on Intrusion Detection and Network Monitoring.

[9] Carla E. Brodley,et al. Approaches to Online Learning and Concept Drift for User Identification in Computer Security , 1998, KDD.

[10] Salvatore J. Stolfo,et al. Mining in a data-flow environment: experience in network intrusion detection , 1999, KDD '99.

[11] Dorothy E. Denning,et al. An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[12] David E. Goldberg,et al. Genetic Algorithms in Search Optimization and Machine Learning , 1988 .

[13] William W. Cohen. Fast Effective Rule Induction , 1995, ICML.