Genetic-fuzzy rule mining approach and evaluation of feature selection techniques for anomaly intrusion detection

Classification of intrusion attacks and normal network traffic is a challenging and critical problem in pattern recognition and network security. In this paper, we present a novel intrusion detection approach to extract both accurate and interpretable fuzzy IF–THEN rules from network traffic data fo...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:Pattern recognition Ročník 40; číslo 9; s. 2373 - 2391
Hlavní autori: Tsang, Chi-Ho, Kwong, Sam, Wang, Hanli
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Oxford Elsevier Ltd 01.09.2007
Elsevier Science
Predmet:
Applied sciences
Exact sciences and technology
Feature selection
Fuzzy classifier
Genetic algorithms
Information, signal and communications theory
Intrusion detection
Miscellaneous
Multi-objective optimization
Pattern recognition
Signal and communications theory
Signal processing
Signal representation. Spectral analysis
Signal, noise
Telecommunications and information theory
Feature selection
Multi-objective optimization
Fuzzy classifier
Intrusion detection
Genetic algorithms
Performance evaluation
Automatic classification
Expert system
Multiobjective programming
Intruder detector
Remote sensing
Accuracy
Data transmission network
Safety
Fuzzy system
Teletraffic
Pattern recognition
Signal classification
False alarm rate
Multiagent system
Surveillance
Genetic algorithm
Signal processing
Feature extraction
Remote supervision
ISSN:0031-3203, 1873-5142
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Classification of intrusion attacks and normal network traffic is a challenging and critical problem in pattern recognition and network security. In this paper, we present a novel intrusion detection approach to extract both accurate and interpretable fuzzy IF–THEN rules from network traffic data for classification. The proposed fuzzy rule-based system is evolved from an agent-based evolutionary framework and multi-objective optimization. In addition, the proposed system can also act as a genetic feature selection wrapper to search for an optimal feature subset for dimensionality reduction. To evaluate the classification and feature selection performance of our approach, it is compared with some well-known classifiers as well as feature selection filters and wrappers. The extensive experimental results on the KDD-Cup99 intrusion detection benchmark data set demonstrate that the proposed approach produces interpretable fuzzy systems, and outperforms other classifiers and wrappers by providing the highest detection accuracy for intrusion attacks and low false alarm rate for normal network traffic with minimized number of features.
ISSN:0031-3203
1873-5142
DOI:10.1016/j.patcog.2006.12.009