An ensemble-based evolutionary framework for coping with distributed intrusion detection

Cited by: 0
Authors
Gianluigi Folino
Clara Pizzuti
Giandomenico Spezzano
Affiliation
[1] Institute for High Performance Computing and Networking (ICAR), National Research Council (CNR)
Source
Genetic Programming and Evolvable Machines | 2010 / Vol. 11
Keywords
Intrusion detection; Ensemble classifiers; Distributed evolutionary algorithms;
DOI
Not available
Abstract
A distributed data mining algorithm to improve the detection accuracy when classifying malicious or unauthorized network activity is presented. The algorithm is based on genetic programming (GP) extended with the ensemble paradigm. GP ensemble is particularly suitable for distributed intrusion detection because it allows a network profile to be built by combining different classifiers that together provide complementary information. The main novelty of the algorithm is that data is distributed across multiple autonomous sites and the learner component acquires useful knowledge from this data in a cooperative way. The network profile is then used to predict abnormal behavior. Experiments on the KDD Cup 1999 Data show the capability of genetic programming in successfully dealing with the problem of intrusion detection on distributed data.
Pages: 131 / 146
Page count: 15