Adaptive intrusion detection algorithm based on learning algorithm

Author

Kim, Dae-Wook ; Yang, Jae-Won ; Sim, Kwee-Bo

Author_Institution

Sch. of Electr. & Electron. Eng., Chung-Ang Univ., Seoul, South Korea

Volume

3

fYear

2004

fDate

2-6 Nov. 2004

Firstpage

2229

Abstract

Signature based intrusion detection system (IDS), having stored rules for detecting intrusions at the library, judges whether new inputs are intrusion or not by matching them with the new inputs. However their policy has two restrictions generally. First, when they couldn´t make rules against new intrusions, false negative (FN) errors may are taken place. Second, when they made a lot of rules for maintaining diversification, the amount of resources grows larger proportional to their amount. In this paper, we propose the learning algorithm which can evolve the competent of anomaly detectors having the ability to detect anomalous attacks by genetic algorithm. The anomaly detectors are the population be composed of by following the negative selection procedure of the biological immune system. To show the effectiveness of proposed system, we apply the learning algorithm to the artificial network environment, which is a computer security system.

Keywords

authorisation; digital signatures; genetic algorithms; learning (artificial intelligence); security of data; adaptive intrusion detection algorithm; anomaly detector; artificial network environment; biological immune system; computer security system; false negative error; genetic algorithm; learning algorithm; Computer crime; Computer security; Detectors; Genetics; IP networks; Immune system; Intrusion detection; Libraries; Network servers; Vaccines;

fLanguage

English

Publisher

ieee

Conference_Titel

Industrial Electronics Society, 2004. IECON 2004. 30th Annual Conference of IEEE

Print_ISBN

0-7803-8730-9

Type

conf

DOI

10.1109/IECON.2004.1432145

Filename

1432145