One-rule Genetic-Fuzzy classifier

An Intrusion Detection System (IDS) is one of the widely used tools for defending computer networks. Its main goal is to classify activities into two major categories: (1) normal activities and (2) intrusive activities. Both types of activities are hard to predict as the boundaries cannot be well defined and a prediction process may generate false alarms. Many anomaly-based intrusion detection systems have experienced this. However, with fuzzy logic, the false alarm rate in determining intrusive activities can be reduced. This paper proposes a One-rule Genetic-Fuzzy classifier system to generate the fuzzy rules that are capable of detecting intrusive activities by using Genetic Algorithms (GA). GA is now a viable alternative for the detection of malicious intrusions. They tune the fuzzy membership functions and select an appropriate set of features. After that they generate a proper discrimination rule. Typically, a set of fuzzy rules (fuzzy classifiers) is used to define the normal and abnormal behavior in a computer network. The main goal of this work is to (1) evolve comprehensible rule(s) that improves the classification rate, (2) produce shorter rules, and (3) perform automatic feature selection according to the complexity of data. The proposed system combines both anomaly-based intrusion detection and misuse detection. A series of experimental results on the well-known KDD Cup 1999 data set [12] demonstrate that the proposed method is feasible. In the paper a performance of the evolved fuzzy classifiers with a classification accuracy of 92% is presented.