IMPROVING INTRUSION DETECTION USING TREE ADJOINING GRAMMAR GUIDED GENETIC PROGRAMMING

Authors

  • Vũ Văn Cảnh The Faculty of Information Technology, Lequydon Technical University; and The Faculty of Information Technology, Telecommunication University, Viet Nam
  • Hoàng Tuấn Hảo The Faculty of Information Technology, Lequydon Technical University, Viet Nam
  • Nguyễn Văn Hoàn The Faculty of Information Technology, Telecommunication University, Viet Nam

DOI:

https://doi.org/10.37569/DalatUniversity.7.3.339(2017)

Keywords:

Attack detection, Classification, Genetic Programming (GP), IDS, TAG3P.

Abstract

Nowadays, the problem of network security has become urgent and affect the performance of modern computer networks greatly. Detection and prevention of network attacks have been the main topic of many researchers in the World. One of the safety measures for networks is using the intrusion detection systems. However, these measures are costly, ineffective, unreliable and can-not detect new or unknown attacks. Some studies using machine learning technology have been applied in intrusion detection. In our work, we proposed using Genetic Programming (GP) to improve intrusion detection. In the experiments, we used GP and Tree Adjoining Grammar Guided Genetic Programming (TAG3P) on artifical datasets suggested by Pham, Nguyen, and Nguyen (2014). Compared with previous results, we found that GP and TAG3P are more effective in detecting attacks than previous measures.

Downloads

Download data is not yet available.

References

Abadeh, M. S., Habibi, J., & Lucas, C. (2007). Intrusion detection using a fuzzy genetics-based learning algorithm. Journal of Network and Computer Applications, 30(1), 414-428.

Abdullah, B., Abd-Alghafar, I., Gouda, I., & Salama, A. A. (2009). Performance avaluation of a genetic algorithm based approach to network intrusion detection system. Paper presented at The 13th International Conference on Aerospace Sciences and Aviation Technology, USA.

Ahmad, I., Hussain, M., Alghamdi, A., & Alelaiwi, A. (2013). Enhancing SVM performance in intrusion detection using optimal feature subset selection based on genetic principal components. Springer Open, 24(7-8), 1671-1682.

Al-Jarrah, O. Y., Siddiqui, A., Elsalamouny, M., Yoo, P. D., Muhaidat, S., & Kim, K. (2014). Machine learning based feature selection techniques for large-scale network intrusion detection. Paper presented at The IEEE 34th International Conference on Distributed Computing Systems Workshops, USA.

Anup, G., & Chetan, K. (2008). GA-NIDS: A Genetic algorithm based network intrusion detection system. Retrieved from https://www.researchgate.net/publication/ 228791237_GA-NIDS_A_Genetic_Algorithm_based_Network_Intrusion_ Detection_System

Botha, M., & Solms, R. (2004). Utilizing neural networks for effective intrusion detection. Retrieved from http://icsa.cs.up.ac.za/issa/2004/Proceedings/Full/040.pdf

Bridges, S. M., & Vaughn, R. B. (2000). Fuzzy data mining and genetic algorithms applied to intrusion detection. Paper presented at The Twenty-third National Information Systems Security Conference, USA.

Crosbie, M., & Spafford, E. (1995). Applying genetic programming to intrusion detection. International Journal of Science and Research, 2(6), 480-483.

Devarakonda, N., & Pamidi, S. (2012). Intrusion detection system using Bayesian network and Hidden Markov model. Procedia Technology, 4(1), 506-514.

Faraoun, K. M., Boukelif, A., & Algeria, S. B. A. (2006). Genetic programming approach for multi-category pattern classification applied to network intrusions detection. International Journal of Computational Intelligence and Applications, 6(1), 3098-3109.

Gomez, J., & Dasgupta, D. (2002). Evolving fuzzy rules for intrusion detection. Paper presented at The Third Annual IEEE Information Assurance Workshop 2002 Conference, USA.

Gong, R. H., Zulkernine, M., & Abolmaesumi, P. (2005). A software implementation of a genetic algorithm based approach to network intrusion detection. Paper presented at The Sixth International Conference on Software Engineering, USA.

Koza, J. R. (1992). Genetic programming: On the programming of computers by means of natural selection. Massachusetts, USA: MIT Press.

Le, H. N., Hoang, T. H., & Vu, V. C. (2015). Self-adaptive srossover and mutation parameters in tree adjoining grammar guided genetic programming. Tạp chí Khoa học và Kỹ thuật Học viện Kỹ thuật Quân sự, 15(6), 5-15.

Leung, Y., So, L., & Yam, K. F. (1992). Rule learning in expert systems using genetic algorithm. Paper presented at The International Conference on Fuzzy Logic & Neural Networksm, Japan.

Li, W. (2004). Using genetic algorithm for network intrusion detection. Retrieved from https://pdfs.semanticscholar.org/9175/54c7cce69e6ee9708020863f2bd27fa986a6.pdf.

Lu, W., & Traore, I. (2004). Detecting new forms of network intrusion using genetic programming. Computational Intelligence, 20(3), 475-494.

Middlemiss, M., & Dick, G. (2003). Feature selection of intrusion detection data using a hybrid genetic algorithm/KNN approach. Amsterdam, Netherlands: IOS Press.

Mukkamala, S., Andrew, H. S., & Ajith, A. (2005). Intrusion detection using an ensemble of intelligent paradigms. Journal of Network and Computer Applications, 28(2), 167-182.

Nguyen, X. H., McKay, R. I., & Abbass, H. A. (2003). Tree adjoining grammars, language bias, and genetic programming. Paper presented at The EuroGP2003, Netherlands.

Peddabachigari, S., Ajith, A. G., & Thomas, J. (2007). Modeling intrusion detection system using hybrid intelligent systems. Journal of Network and Computer Applications, 30(1), 114-132.

Peng, T., Leckie, C., & Kotagiri, R. (2007). Information sharing for distributed intrusion detection systems. Journal of Network and Computer Applications, 30(3), 877-899.

Pham, T. S., Nguyen, Q. U., & Nguyen, X. H. (2014). Generating artificial attack data for intrusion detection using machine learning. Paper presented at The Fifth Symposium on Information and Communication Technology Conference, Vietnam.

Pillai, M. M., Eloff, J. H. P., & Venter, H. S. (2004). An approach to implement a network intrusion detection system using genetic algorithms. Paper presented at The SAICSIT, South Africa.

UCI KDD Archive. (1999). KDD cup 1999 data. Retrieved from http://kdd.ics.uci.edu/ databases/kddcup99/kddcup99.html

Wong, M. L., Leung, K. S., & Cheng, J. C. Y. (2000). Discovering knowledge from noisy databases using genetic programming. Journal of the American Society for Information Science and Technology, 51(9), 870-881.

Published

15-09-2017

Volume and Issues

Section

Natural Sciences and Technology

How to Cite

Cảnh, V. V., Hảo, H. T., & Hoàn, N. V. (2017). IMPROVING INTRUSION DETECTION USING TREE ADJOINING GRAMMAR GUIDED GENETIC PROGRAMMING. Dalat University Journal of Science, 7(3), 379-400. https://doi.org/10.37569/DalatUniversity.7.3.339(2017)