Security audit trail analysis with biogeography based optimization metaheuristic

Abstract

Information systems and computer networks are essential in nowadays modern society, and computer systems security is crucial as data to store and process becomes more and more important. In this paper, intrusion detection from audit security records is of our interest. As the volume of data generated by the auditing mechanisms of current systems is very large, it is therefore crucial to provide security officers with methods and tools to extract useful information. In this context, we aim at determine predefined attack scenarios in the audit trails. The problem is NP-Complete. Metaheuristics offer an alternative to solve this type of problems. We propose to use the Biogeography Based Optimization (BBO), a new metaheuristic well suited for constrained optimization problems. Experiments and performance measures were performed and a comparison with a Genetic Algorithm based method is made. BBO has proven effective and capable of producing a reliable method for intrusion detection. © 2011 Springer-Verlag.