• DocumentCode
    3101815
  • Title

    Boundary expansion of expert systems: incorporating evolutionary computation with intrusion detection solutions

  • Author

    Garcia, Raymond C. ; Cannady, James

  • Author_Institution
    Comput. Sci. & Inf. Technol. Div., Georgia Tech. Res. Inst., Atlanta, GA, USA
  • fYear
    2001
  • fDate
    2001
  • Firstpage
    96
  • Lastpage
    99
  • Abstract
    The work represented here utilizes evolutionary computation to improve intrusion detection techniques. Many intrusion detection techniques incorporate expert systems (e.g., ASAX, IDES, NIDES, DIDS, Hyperview, JiNao). Problems associated with expert systems are in how the rules are defined and matched against potential intruders. Going outside the rule set leaves minimal hope of detection. This work improves upon intrusion detection schemes that utilized expert systems by using an evolution strategy with combinations of attack signatures as individual characteristics. The overall strength is in viewing the rule-matching problem as an optimization problem
  • Keywords
    computer networks; evolutionary computation; expert systems; security of data; telecommunication security; ASAX; DIDS; Hyperview; IDES; JiNao; NIDES; attack signatures; boundary expansion; computer networks; computer systems; evolution strategy; evolutionary computation; expert systems; intrusion detection; optimization problem; rule-matching problem; secure information systems; system usage monitoring; Computer science; Evolutionary computation; Expert systems; Humans; Information security; Information technology; Intrusion detection; Laboratories; Pattern analysis; Telecommunication computing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    SoutheastCon 2001. Proceedings. IEEE
  • Conference_Location
    Clemson, SC
  • Print_ISBN
    0-7803-6748-0
  • Type

    conf

  • DOI
    10.1109/SECON.2001.923095
  • Filename
    923095