Title :
Study on Adaptive Intrusion Detection Engine Based on Gene Expression Programming Rules
Author :
Tang, Wan ; Cao, Yang ; Yang, Xi-Min ; So, Won-Ho
Author_Institution :
Sch. of Electron. Inf., Wuhan Univ., Wuhan
Abstract :
High false alarm rate and time-space cost of rule extraction and detection limit the application of machine learning in real intrusion detection system (IDS), and IDS cannot satisfy most system performance requirements simultaneously. In this paper, a Constraint-based gene expression programming rule extraction algorithm (CGREA) is proposed which guarantees the validity of rules and reduces the evolution time through grammar constraint and probability restriction. Additionally, an adaptive intrusion detection engine (AIDE) is applied to automatically renew the detected order of rules according to the performance metric. The KDD CUPpsila99 DATA is used for evaluation and results show that the rules, which are extracted by the CGREA algorithm within a few evolution generations, can not only achieve high detection rate but also detect unknown attacks. Moreover, the AIDE based on CGREA increases the attack detection rate, and adapts itself to different performance requirements with different sequences of rule detection.
Keywords :
learning (artificial intelligence); probability; security of data; adaptive intrusion detection engine; gene expression programming rule extraction algorithm; gene expression programming rules; intrusion detection system; machine learning; rule extraction; time-space cost; Costs; Data mining; Engines; Gene expression; Genetic programming; Intrusion detection; Machine learning; Machine learning algorithms; System performance; Time factors; detection engine; gene expression programming; intusion detection; rule constraint;
Conference_Titel :
Computer Science and Software Engineering, 2008 International Conference on
Conference_Location :
Wuhan, Hubei
Print_ISBN :
978-0-7695-3336-0
DOI :
10.1109/CSSE.2008.246
