Title: gNIDS: rule-based network intrusion detection system using genetic algorithms

Authors: K.G. Srinivasa; N. Pramod

Addresses: Machine Learning Applications Laboratory, Department of Computer Science and Engineering, M.S. Ramaiah Institute of Technology, Bangalore 560 054, India ' Machine Learning Applications Laboratory, Department of Computer Science and Engineering, M.S. Ramaiah Institute of Technology, Bangalore 560 054, India

Abstract: Detection of intrusions in computer networks has been a growing problem motivating widespread research in computer science to develop better Intrusion Detecting Systems (IDS). The existing IDS have been quite static and lack the ability to adjust themselves to the new network traffic and hence new kinds of attack. In this paper, we present a genetic algorithm (GA) based machine learning approach to identify such harmful/attack type of connections. The algorithm takes into consideration different features in network connections such as source and destination IP, type of protocol and status of the connection to generate a classification rule set. The proposed method is efficient with respect to good detection rate and low false positives. The experimental results demonstrate the lower execution time of the proposed algorithm. The 1999 DARPA IDS dataset is used as the evaluation dataset for both training and testing.

Keywords: intrusion detection; genetic algorithms; artificial intelligence; rule based systems; machine learning; malicious attacks; network connections; network security.

DOI: 10.1504/IJISTA.2012.052503

International Journal of Intelligent Systems Technologies and Applications, 2012 Vol.11 No.3/4, pp.252 - 266

Received: 22 Feb 2012
Accepted: 10 Oct 2012

Published online: 06 Mar 2013 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article