A Neuro-genetic ensemble Short Term Forecasting Framework for Anomaly Intrusion Prediction

Information systems are one of the most rapidly changing and vulnerable systems, where security is a major issue. The number of security-breaking attempts originated inside the organizations is increasing steadily. Attacks made in this way, usually done by "authorized" users of the system, cannot be immediately traced. As the idea of filtering the traffic at the entrance door, by using firewalls and the like, is not completely successful, the use of intrusion detection systems should be considered to increase the defense capacity of an information system. This paper presents a framework for a statistical anomaly prediction system using a neuro-genetic forecasting model, which predicts unauthorized invasions of user, based on previous observations and takes further action before intrusion occurs. We propose an evolutionary time-series model for adaptive network intrusion forecasting where the ANN (Artificial Neural Network) is trained using genetic algorithm. The learning of the ANN is formulated as a weight optimization problem. The experimental results show that the combination strategy (neuro-genetic) can quicken the learning speed of the network and improve the predicting precision compared to the traditional ANN (Back Propagation Network). A comparative evaluation of the proposed neuro-genetic model with the traditional back-propagation, on audit data set provided by MIT Lincoln labs, has been presented and a better prediction accuracy has been observed.