Title :
An efficient network intrusion detection method based on information theory and genetic algorithm
Author :
Xia, Tao ; Qu, Guangzhi ; Hariri, Salim ; Yousi, Mazin
Author_Institution :
Internet Technol. Lab., Arizona Univ., Tucson, AZ, USA
Abstract :
The Internet has been growing at an amazing rate and concurrent with the growth, the vulnerability of the Internet is also increasing. Though the Internet has been designed to withstand various forms of failure, the intrusion tools and attacks are becoming increasingly sophisticated, exposing the Internet to new threats. To make networked systems reliable and robust it becomes highly essential to develop on-line monitoring, analysis and quantification of the behavior of networks under a wide range of attacks and to recover from these attacks. In this paper, we present a hybrid method based on information theory and genetic algorithm to detect network attacks. Our approach uses information theory to filter the traffic data and thus reduce the complexity. We use a linear structure rule to classify the network behaviors into normal and abnormal behaviors. We apply our approach to the kdd99 benchmark dataset and obtain high detection rate of 99.25% as well as low false alarm rate of 1.66%.
Keywords :
Internet; authorisation; benchmark testing; computer network reliability; filtering theory; genetic algorithms; telecommunication security; telecommunication traffic; Internet; filtering; genetic algorithm; information theory; intrusion detection method; kdd99 benchmark dataset; network attack detection; on-line monitoring; system reliability; traffic data; vulnerability; Condition monitoring; Filtering theory; Genetic algorithms; Genetic communication; Information filtering; Information filters; Information theory; Internet; Intrusion detection; Robustness;
Conference_Titel :
Performance, Computing, and Communications Conference, 2005. IPCCC 2005. 24th IEEE International
Print_ISBN :
0-7803-8991-3
DOI :
10.1109/PCCC.2005.1460505
