Abstract
Because new attacks appear endlessly, keeping rules up to date is the key to success for a rule-based network intrusion detection system. To efficiently extract classification rules from vast network traffic data, this paper presents a new approach based on Particle Swarm Optimization (PSO) and introduces a new coding scheme called "indexical coding" in accordance with the features of network traffic data. PSO is a novel optimization technique that has shown high performance on numeric problems, but little research has been reported on its use in rule learning for IDS, which requires a high-level representation of the individual. This paper studies that problem and demonstrates the performance on the 1999 KDD Cup data. The results show the feasibility and effectiveness of the approach.
Supported by the National Natural Science Foundation of China under Grant No. 60673161, the Key Project of Chinese Ministry of Education under Grant No. 206073, and the Natural Science Foundation of Fujian Province of China (No. 2006J0027).
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Guolong, C., Qingliang, C., Wenzhong, G. (2007). A PSO-Based Approach to Rule Learning in Network Intrusion Detection. In: Cao, BY. (eds) Fuzzy Information and Engineering. Advances in Soft Computing, vol 40. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71441-5_72
DOI: https://doi.org/10.1007/978-3-540-71441-5_72
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71440-8
Online ISBN: 978-3-540-71441-5
eBook Packages: Engineering, Engineering (R0)