Evaluating the performance of a differential evolution algorithm in anomaly detection

During the last few eras, evolutionary algorithms have been adopted to tackle cyber-terrorism. Among them, genetic algorithms and genetic programming were popular choices. Recently, it has been shown that differential evolution was more successful in solving a wide range of optimization problems. However, a very limited number of research studies have been conducted for intrusion detection using differential evolution. In this paper, we will adapt differential evolution algorithm for anomaly detection, along with proposing a new fitness function to measure the quality of each individual in the population. The proposed method is trained and tested on the 10%KDD99 cup data and compared against existing methodologies. The results show the effectiveness of using differential evolution in detecting anomalies by achieving an average true positive rate of 100%, while the average false positive rate is only 0.582%.