Estimation of Distribution Algorithm for Optimization of Neural Networks for Intrusion Detection System

  • Yuehui Chen
  • Yong Zhang
  • Ajith Abraham
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4029)


An Intrusion Detection System (IDS) is a program that analyzes what happens or has happened during an execution and tries to find indications that the computer has been misused. An IDS does not eliminate the use of preventive mechanism but it works as the last defensive mechanism in securing the system. This paper evaluates the performances of Estimation of Distribution Algorithm (EDA) to train a feedforward neural network classifier for detecting intrusions in a network. Results are then compared with Particle Swarm Optimization (PSO) based neural classifier and Decision Trees (DT). Empirical results clearly show that evolutionary computing techniques could play an important role in designing real time intrusion detection systems.


Particle Swarm Optimization Data Item Intrusion Detection Intrusion Detection System Distribution Algorithm 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Summers, R.C.: Secure Computing: Threats and Safeguards. McGraw Hill, New York (1997)Google Scholar
  2. 2.
    Debar, M., Becke, D., Siboni, A.: A Neural Network Component for an Intrusion Detection System. In: Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy (1992)Google Scholar
  3. 3.
    Mukkamala, S., Sung, A.H., Abraham, A.: Intrusion Detection Using Ensemble of Soft Computing Paradigms. In: Advances in Soft Computing, Springer Verlag, Germany, pp. 239–248. Springer, Heidelberg (2003)Google Scholar
  4. 4.
    Shah, K., Dave, N., Chavan, S., Mukherjee, S., Abraham, A., Sanyal, S.: Adaptive Neuro-Fuzzy Intrusion Detection System. In: IEEE International Conference on ITCC 2004, vol. 1, pp. 70–74 (2004)Google Scholar
  5. 5.
    Abraham, A.: Evolutionary Computation in Intelligent Web Management, Evolutionary Computing in Data Mining. In: Ghosh, A., Jain, L. (eds.) Studies in Fuzziness and Soft Computing, ch. 8, pp. 189–210. Springer, Germany (2004)Google Scholar
  6. 6.
    Chen, Y., Yang, B., Dong, J.: Nonlinear System Modeling via Optimal Design of Neural Trees. International Journal of Neural Systems 14(2), 125–137 (2004)CrossRefGoogle Scholar
  7. 7.
    Chen, Y., Yang, B., Dong, J., Abraham, A.: Time-series Forecasting using Flexible Neural Tree Model. Information Science 174(3-4), 219–235 (2005)CrossRefMathSciNetGoogle Scholar
  8. 8.
    Chen, Y., Abraham, A.: Feature Selection and Intrusion Detection using Hybrid Flexible Neural Tree. In: Wang, J., Liao, X.-F., Yi, Z. (eds.) ISNN 2005. LNCS, vol. 3498, pp. 439–444. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
  10. 10.
    Chebrolu, S., Abraham, A., Thomas, J.P.: Feature Detection and Ensemble Design of Intrusion Detection Systems. Computers and security 24/4, 295–307 (2005)CrossRefGoogle Scholar
  11. 11.
    Barbara, D., Couto, J., Jajodia, S., Wu, N.: ADAM: A Testbed for Exploring the Use of Data Mining in Intrusion Detection. SIGMOD Record 30(4), 15–24 (2001)CrossRefGoogle Scholar
  12. 12.
    Quinlan, J.R.: Induction of Decision Trees. Machine Learning 1, 81–106 (1986)Google Scholar
  13. 13.
    Quinlan, J.R.: C4.5: Programs for Machine Learning. Morgan Kaufmann, San Francisco (1993)Google Scholar
  14. 14.
    Brieman, L., Friedman, J., Olshen, R., Stone, C.: Classification of Regression Trees, Wadsworth Inc. (1984)Google Scholar
  15. 15.
    Joo, D., Hong, T., Han, I.: The neural network models for IDS based on the asymmetric costs of false negative errors and false positive errors. Expert Systems with Applications 25, 69–75 (2003)CrossRefGoogle Scholar
  16. 16.
    Ochoa, A., Muhlenbein, H., Soto, M.: A Factorized Distribution Algorithm Using Single Connected Bayesian Networks. In: PPSN, pp. 787–796 (2000)Google Scholar
  17. 17.
    Pelikan, M., Goldberg, D.E., Cantu-Paz, E.: BOA: The Bayesian Optimization Algorithm. In: Proceedings of the Genetic and Evolutionary Computation Conference (GECCO99), vol. I, pp. 525–532 (1999)Google Scholar
  18. 18.
    Rudlof, S., Koppen, M.: Stochastic Hill-Climbing with Learning by Vectors of Normal Distributions, Nagoya, Japan (1996)Google Scholar
  19. 19.
    Larranaga, P., Lozano, J.A.: Estimation of Distribution Algorithms: A New Tool for Evolutionary Computation. Kluwer Academic Publishers, Dordrecht (2001)Google Scholar
  20. 20.
    Bosman, P.A.N., Thierens, D.: Expanding from Discrete to Continuous EDAs: The IDEA. In: Proceedings of Parallel Problem Solving from Nature, PPSN-VI, pp. 767–776 (2000)Google Scholar
  21. 21.
    Tsutsui, S., Pelikan, M., Goldberg, D.E.: Evolutionary Algorithm Using Marginal Histogram Models in Continuous Domain. In: Proceedings of the 2001 Genetic and Evolutionary Computation Conference Workshop, San Francisco, CA, pp. 230–233 (2001)Google Scholar
  22. 22.
    Mukkamala, S., Sung, A.H., Abraham, A.: Intrusion detection using an ensemble of intelligent paradigms. Journal of Network and Computer Applications 28(2), 167–182 (2005)CrossRefGoogle Scholar
  23. 23.
    Chebrolu, S., Abraham, A., Thomas, J.P.: Feature deduction and ensemble design of intrusion detection systems. Computers and Security 24(4), 295–307 (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Yuehui Chen
    • 1
  • Yong Zhang
    • 2
  • Ajith Abraham
    • 1
    • 3
  1. 1.School of Information Science and EngineeringJinan UniversityJinanP.R. China
  2. 2.School of Control Science and EngineeringJinan UniversityJinanP.R. China
  3. 3.School of Computer Science and EngineeringChung-Ang UniversitySeoulRepublic of Korea

Personalised recommendations