Abstract
Attacks against computer networks are becoming more sophisticated, with adversaries using new attacks or modifying existing attacks. This research uses three different types of multiobjective approaches, one lexicographic and two Pareto-based, in a multiobjective evolutionary programming algorithm to develop a new method for detecting such attacks. The approach evolves finite state transducers to detect attacks; this approach may allow the system to detect attacks with features similar to known attacks. Also, the approach examines the solution quality of each detector. Initial testing shows the algorithm performs satisfactorily in generating finite state transducers capable of detecting attacks.
The views expressed in this article are those of the authors and do not reflect the official policy or position of the United States Air Force, Department of Defense, or the U.S. Government. This work is sponsored in part by the Air Force Office of Scientific Research.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Anchor, K.P., Zydallis, J.B., Gunsch, G.H., Lamont, G.B. (2003). Different Multi-objective Evolutionary Programming Approaches for Detecting Computer Network Attacks. In: Fonseca, C.M., Fleming, P.J., Zitzler, E., Thiele, L., Deb, K. (eds) Evolutionary Multi-Criterion Optimization. EMO 2003. Lecture Notes in Computer Science, vol 2632. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36970-8_50
DOI: https://doi.org/10.1007/3-540-36970-8_50
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-01869-8
Online ISBN: 978-3-540-36970-7
eBook Packages: Springer Book Archive