Security Audit Trail Analysis Using Genetic Algorithms

  • Ludovic Mé
Conference paper


We propose a security audit trail analysis approach based on predefined attack scenarios and using genetic algorithms. This paper shows the validity of this approach and presents some of its problems.





Copyright information

© Springer-Verlag London Limited 1993

Authors and Affiliations

  • Ludovic Mé (1)
  1. Laboratoire d’informatique, SUPÉLEC, Cesson Sévigné Cedex, France
