An Approach to Network Misuse Detection Based on Extension Matrix and Genetic Algorithm

With the rapid expansion of Internet in recent years, computer systems are facing increased number of security threats. And the need to protect connected systems also increases. Intrusion detection systems (IDSs) are the latest technology used for this purpose. Numerous soft computing based approaches have been proposed to detect computer network attacks. This paper presents an approach based on extension matrix and genetic algorithm to network misuse detection. Based on extension matrix formed on positive and negative examples, we set up the integer-programming model (IPM) for optimal rule extraction and feature subset selection. Then genetic algorithm is applied to solve IPM and optimal rules are generated for intrusion detection. Those generated rules are then used to detect or classify network intrusions in a real-time environment. Experimental results show the achievement of high true positive rates and acceptable low false positive rates based on benchmark DARPA data sets on intrusion