Modeling Intrusion Detection Systems Using Linear Genetic Programming Approach

  • Conference paper
Innovations in Applied Artificial Intelligence (IEA/AIE 2004)

Abstract

This paper investigates the suitability of the linear genetic programming (LGP) technique for modeling efficient intrusion detection systems, comparing its performance with artificial neural networks and support vector machines. Due to increasing incidents of cyber attacks, building effective intrusion detection systems (IDSs) is essential for protecting information systems security, and yet it remains an elusive goal and a great challenge. We also investigate key feature identification for building efficient and effective IDSs. Through a variety of comparative experiments, it is found that, with appropriately chosen population size, program size, crossover rate and mutation rate, linear genetic programs could outperform support vector machines and neural networks in terms of detection accuracy. Using key features gives notable performance in terms of detection accuracies. However, the difference in accuracy tends to be small in a few cases.



Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mukkamala, S., Sung, A.H., Abraham, A. (2004). Modeling Intrusion Detection Systems Using Linear Genetic Programming Approach. In: Orchard, B., Yang, C., Ali, M. (eds) Innovations in Applied Artificial Intelligence. IEA/AIE 2004. Lecture Notes in Computer Science, vol 3029. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24677-0_65

  • DOI: https://doi.org/10.1007/978-3-540-24677-0_65

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-22007-7

  • Online ISBN: 978-3-540-24677-0

  • eBook Packages: Springer Book Archive
