Hasanen Murtadha Alyasiri (Lecturer)
College of Computer Science and Mathematics - Computer Science
Applying Cartesian Genetic Programming to Evolve Rules for Intrusion Detection System
Type: Research
General specialization: Sciences
Publisher name: Hasanen Alyasiri
Names of assistants:
Publishing body: SCITEPRESS Digital Library
The SciTePress Digital Library (Science and Technology Publications, Lda) is an open access repository that specializes in publishing conference proceedings. Access to the SciTePress Digital Library is free for members and allows visitors to browse through papers, conference proceedings and books.
Year of publication: 2018

Abstract

With cyber-attacks becoming a regular feature in daily business and attackers continuously evolving their techniques, we are witnessing ever more sophisticated and targeted threats. Various artificial intelligence algorithms have been deployed to analyse such incidents. Extracting knowledge allows the discovery of new attack methods, intrusion scenarios, and attackers’ objectives and strategies, all of which can help distinguish attacks from legitimate behaviour. Among those algorithms, Evolutionary Computation (EC) techniques have seen significant application. Research has shown it is possible to utilize EC methods to construct IDS detection rules. In this paper, we show how Cartesian Genetic Programming (CGP) can construct the behaviour rule upon which an intrusion detection will be able to make decisions regarding the nature of the activity observed in the system. The CGP framework evolves human readable solutions that provide an explanation of the logic behind its evolved decisions. Experiments are conducted on up-to-date cybersecurity datasets and compared with state of the art paradigms. We also introduce ensemble learning paradigm, indicating how CGP can be used as stacking technique to improve the learning performance.