Applying genetic programming to evolve learned rules for network anomaly detection


Abstract

The DARPA/MIT Lincoln Laboratory off-line intrusion detection evaluation data set is the most widely used public benchmark for testing intrusion detection systems. However, the presence of simulation-artifact attributes causes many attacks in this data set to be easily detected. To eliminate their influence on intrusion detection, we simply omit these attributes in both training and testing. We also present a genetic programming (GP) based rule learning approach for detecting attacks on the network. GP is used to evolve new rules from the initial learned rules through genetic operations. Our results show that the GP-based rule learning approach outperforms the original rule learning algorithm, detecting 84 of 148 attacks at 100 false alarms despite the absence of several simulation-artifact attributes. © Springer-Verlag Berlin Heidelberg 2005.

Yin, C., Tian, S., Huang, H., & He, J. (2005). Applying genetic programming to evolve learned rules for network anomaly detection. In Lecture Notes in Computer Science (Vol. 3612, pp. 323–331). Springer Verlag. https://doi.org/10.1007/11539902_38
