Abstract
Threats against the internet and computer networks are becoming more sophisticated, with attackers using new attacks or modifying existing ones. Security teams have major difficulties in dealing with large numbers of continuously evolving threats. Various artificial intelligence algorithms have been deployed to analyse such threats. In this paper, we explore the use of Evolutionary Computation (EC) techniques to construct behavioural rules for characterising activities observed in a system. The EC framework evolves human-readable solutions that provide an explanation of the logic behind its evolved decisions, offering a significant advantage over existing paradigms. We examine the potential application of these algorithms to detect known and unknown attacks. The experiments were conducted on modern datasets.