An evolutionary approach to generate fuzzy anomaly (attack) signatures

Author

González, Fabio ; Gómez, Jonatan ; Kaniganti, Madhavi ; Dasgupta, Dipankar

Author_Institution

Div. of Comput. Sci., Univ. of Memphis, TN, USA

fYear

2003

fDate

18-20 June 2003

Firstpage

251

Lastpage

259

Abstract

We describe the generation of fuzzy signatures to detect some cyber attacks. This approach is an enhancement to our previous work, which was based on the principle of negative selection for generating anomaly detectors using genetic algorithms. The present work includes a different genetic representation scheme for evolving efficient fuzzy detectors. To determine the performance of the proposed approach, which is named Evolving Fuzzy Rule Detectors (EFR), experiments were conducted with three different data sets. One data set contains wireless data, generated using network simulator (NS2) while the other two data sets are publicly available (from Lincoln Lab). Results exhibited that the proposed approach outperformed the previous techniques.

Keywords

computer crime; fuzzy logic; fuzzy set theory; genetic algorithms; wireless LAN; EFR; Evolving Fuzzy Rules Detectors; Lincoln lab data set; NS2 network simulator; cyber attack detection; evolutionary approach; fuzzy anomaly signature generation; genetic algorithm; genetic representation scheme; wireless data; Artificial immune systems; Character generation; Computer networks; Computer science; Detectors; Fuzzy sets; Genetic algorithms; Intrusion detection; Shape; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Assurance Workshop, 2003. IEEE Systems, Man and Cybernetics Society

Print_ISBN

0-7803-7808-3

Type

conf

DOI

10.1109/SMCSIA.2003.1232430

Filename

1232430