A PSO-Based Approach to Rule Learning in Network Intrusion Detection

  • Conference paper
Fuzzy Information and Engineering

Part of the book series: Advances in Soft Computing ((AINSC,volume 40))

Abstract

Updating rules is the key to success for a rule-based network intrusion detection system, because new attacks appear endlessly. To efficiently extract classification rules from vast network traffic data, this paper presents a new approach based on Particle Swarm Optimization (PSO) and introduces a new coding scheme called "indexical coding", in accordance with the features of network traffic data. PSO is a novel optimization technique that has shown high performance on numeric problems, but little research has been reported on rule learning for IDS, which requires a high-level representation of the individual. This paper studies that problem and demonstrates the performance on the 1999 KDD Cup data. The results show the feasibility and effectiveness of the approach.

Supported by the National Natural Science Foundation of China under Grant No. 60673161, the Key Project of Chinese Ministry of Education under Grant No. 206073, and the Natural Science Foundation of Fujian Province of China (No. 2006J0027).

Editor information

Bing-Yuan Cao

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Guolong, C., Qingliang, C., Wenzhong, G. (2007). A PSO-Based Approach to Rule Learning in Network Intrusion Detection. In: Cao, BY. (eds) Fuzzy Information and Engineering. Advances in Soft Computing, vol 40. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71441-5_72

  • DOI: https://doi.org/10.1007/978-3-540-71441-5_72

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-71440-8

  • Online ISBN: 978-3-540-71441-5

  • eBook Packages: Engineering, Engineering (R0)
