DocumentCode
3101815
Title
Boundary expansion of expert systems: incorporating evolutionary computation with intrusion detection solutions
Author
Garcia, Raymond C. ; Cannady, James
Author_Institution
Comput. Sci. & Inf. Technol. Div., Georgia Tech. Res. Inst., Atlanta, GA, USA
fYear
2001
fDate
2001
Firstpage
96
Lastpage
99
Abstract
The work represented here utilizes evolutionary computation to improve intrusion detection techniques. Many intrusion detection techniques incorporate expert systems (e.g., ASAX, IDES, NIDES, DIDS, Hyperview, JiNao). Problems associated with expert systems are in how the rules are defined and matched against potential intruders. Going outside the rule set leaves minimal hope of detection. This work improves upon intrusion detection schemes that utilized expert systems by using an evolution strategy with combinations of attack signatures as individual characteristics. The overall strength is in viewing the rule-matching problem as an optimization problem
Keywords
computer networks; evolutionary computation; expert systems; security of data; telecommunication security; ASAX; DIDS; Hyperview; IDES; JiNao; NIDES; attack signatures; boundary expansion; computer networks; computer systems; evolution strategy; evolutionary computation; expert systems; intrusion detection; optimization problem; rule-matching problem; secure information systems; system usage monitoring; Computer science; Evolutionary computation; Expert systems; Humans; Information security; Information technology; Intrusion detection; Laboratories; Pattern analysis; Telecommunication computing;
fLanguage
English
Publisher
ieee
Conference_Titel
SoutheastCon 2001. Proceedings. IEEE
Conference_Location
Clemson, SC
Print_ISBN
0-7803-6748-0
Type
conf
DOI
10.1109/SECON.2001.923095
Filename
923095
Link To Document