Continuous Features Discretization for Anomaly Intrusion Detectors Generation

  • Amira Sayed A. Aziz
  • Ahmad Taher Azar
  • Aboul Ella Hassanien
  • Sanaa El-Ola Hanafy
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 223)


Network security is a growing issue, with the evolution of computer systems and expansion of attacks. Biological systems have been inspiring scientists and designs for new adaptive solutions, such as genetic algorithms. In this paper, an approach that uses the genetic algorithm to generate anomaly network intrusion detectors is used. An algorithm is proposed using a discretization method for the continuous features selection of intrusion detection, to create some homogeneity between values, which have different data types. Then, the intrusion detection system is tested against the NSL-KDD data set using different distance methods. A comparison is held amongst the results, and it is shown by the end that this proposed approach has good results, and recommendations are given for future experiments.


Genetic Algorithm Intrusion Detection System Artificial Immune System Discretization Algorithm Minimum Descriptive Length 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Open Access

This article is distributed under the terms of the Creative Commons Attribution License which permits any use, distribution, and reproduction in any medium, provided the original author(s) and the source are credited.


  1. 1.
    Haupt, R.L., Haupt, S.E.: Practical Genetic Algorithms. 2nd edn. Wiley, New York (2004)Google Scholar
  2. 2.
    Polhlheim, H.: Genetic and Evolutionary Algorithms: Principles, Methods and Algorithms. (2006)
  3. 3.
    Whitley, D.: A genetic algorithm tutorial. Stat. Comput. 4, 65–85 (1994)CrossRefGoogle Scholar
  4. 4.
    Owais, S., Snasel, V., Abraham, A.: Survey: using genetic algorithm approach in intrusion detection systems techniques, 7th computer information systems and industrial management applications. Ostrava 26–28, 300–307 (2008). doi: 10.1109/CISIM.2008.49 Google Scholar
  5. 5.
    Li, W.: Using Genetic Algorithm for Network Intrusion Detection. Proceedings of the United States Department of Energy Cyber Security Group (2004)Google Scholar
  6. 6.
    Nitchell, M.: An Introduction to Genetic Algorithms. MIT Press Cambridge, MA, USA (1998). ISBN 0262631857Google Scholar
  7. 7.
    Sengupta, N., Sil, J.: Evaluation of rough set theory based network traffic data classifier using different discretization method. IJIEE 2(3), 338–341 (2012)Google Scholar
  8. 8.
    Wa’el, M.M., Agiza, H.N., Radwan, E.: Intrusion Detection Using Rough Sets based Parallel Genetic Algorithm Hybrid Model. Proceedings of the World Congress on Engineering and Computer Science 2009 (WCECS 2009). San Francisco, USA, II, (2009)Google Scholar
  9. 9.
    Ertoz, L., Eilertson, E., Lazarevic, A., Tan, P.N., Kumar, V., Srivastava, J., Dokas, P.: MINDS—minnesota intrusion detection system. In: Data Mining—Next Generation Challenges and Future Directions. MIT Press, Cambridge (2004)Google Scholar
  10. 10.
    Aleksandar, L., Vipin, K., Jaideep, S.: Intrusion detection: a survey. In: Kumar, V. et al. (eds.) Managing Cyber Threats Issues, Approaches, and Challenges vol. 5, pp. 19–78 (2005)Google Scholar
  11. 11.
    Murali, A., Roa, M.: A survey on intrusion detection approaches. First International Conference on Information and Communication Technologies, ICICT 2005, pp. 233–240, Aug (2005)Google Scholar
  12. 12.
    Garcia-Teodora, P., Daz-Verdejo, J., Maci-Fernndez, G., Vzquez, E.: Anomaly-based network intrusion detection: Techniques, systems and challenges. Comput. Secur. 28(1–2), 18–28 (2009)Google Scholar
  13. 13.
    Akbar, S., Chandulal, J.A., Rao, K.N., Kumar, S.: Troubleshooting techniques for intrusion detection system using genetic algorithm. Int. J. Wisdom Based Comput. 1(3), 86–92 (2011)Google Scholar
  14. 14.
    Dasgupta, D.: Advances in artificial immune systems. IEEE Comput. Intell. Mag. 1(4), 40–49 (2006)Google Scholar
  15. 15.
    Greensmith, J., Whitbrook, A., Aickelin, U.: Artificial immune systems. In: Gendreau, M., Potvin J.-Y. (eds.) Handbook of Metaheuristics, International Series in Operations Research and Management Science. Springer, Springer US. vol. 146, pp. 421–448 (2010)Google Scholar
  16. 16.
    Aickelin, U., Greensmith, J., Twycross, J.: Immune system approaches to intrusion detection—a review. In: Proceedings of the 3rd International Conference on Artificial Immune Systems (ICARIS), LNCS 3239, 316–329 (2004)Google Scholar
  17. 17.
    Dougherty, J., Kohavi, R., Sahami, M.: Supervised and Unsupervised Discretization of Continuous Features. Proceedings of the Twelfth Conference on Machine Learning 95(10), pp. 194–202 (1995)Google Scholar
  18. 18.
    Gupta, A., Mehrotra, K., Mohan, C.: A Clustering-based discretization of supervised learning. Stat. Probab. Lett., Elsevier, 80(910), 816–824 (2010)Google Scholar
  19. 19.
    Liu, H., Hussain, F., Tan, C.L., Dash, M.: Discretization: an enabling technique. Data Min. Knowl. Disc. 6(4), 393–423 (2002)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Kotsiantis, S., Kanellopoulos, D.: Discretization techniques: a recent survey. GESTS Int. Trans. Comput. Sci. Engin. 32(1), 47–58 (2006)Google Scholar
  21. 21.
    Clarke, E.J., Barton, B.A.: Entropy and MDL discretization of continuous variables for Bayesian belief networks. Int. J. Intell. Syst. 15(61), 61–92 (2000)CrossRefGoogle Scholar
  22. 22.
    Zhao, J., Zhou, Y.: New heuristic method for data discretization based on rough set theory. J. China Univ. Post. Telecommun. 16(6), 113–120 (2009)CrossRefGoogle Scholar
  23. 23.
    Joita, D.: Unsupervised Static Discretization Methods in Data Mining, Revista Mega, Byte. vol. 9 (2010)Google Scholar
  24. 24.
    Chen, S., Tang, L., Liu, W., Li, Y.: A Improved Method of Discretization of Continuous. Attribute, 2011 2nd International Conference on Challenges in Environmental Science and Computer Engineering (CESCE 2011), Elsevier, 11(A), 213–217 (2011)Google Scholar
  25. 25.
    Ferreira, A.J., Figueiredo, M.A.: An unsupervised approach to feature discretization and selection. Pattern Recogn. 45(9), 3048–3060 (2012)Google Scholar
  26. 26.
    Aziz, A.S.A., Salama, M., Hassanien, A.E., Hanafi, S.O.: Detectors Generation using Genetic Algorithm for a Negative Selection Inspired Anomaly Network Intrusion Detection System. Proceedings of the IEEE FedCSIS, Wroclaw, Poland, pp. 625–663, ISBN:978-83-60810-51-4 (2012)Google Scholar
  27. 27.
    Powers, S.T., He, J.: A hybrid artificial immune system and self-organizing map for network intrusion detection. Int. J. Comput. Inf. Sci., Elsevier, 178(15), 3024–3042 (2008)Google Scholar
  28. 28.
    Goyal, A., Kumar, C.: GA-NIDS: A genetic algorithm based network intrusion detection system. A Project at Electrical Engineering and Computer Science, Northwestern University, Evanston, IL, (2007)
  29. 29.
    He, M.X., Peroukhov, S.V., Ricci, P.E.: Genetic code, hamming distance, and stochastic matrices. Bull. Math. Biol. 66(5), 1405–1421 (2004). doi: 10.1016/j.bulm.2004.01.002 MathSciNetCrossRefGoogle Scholar
  30. 30.
    Kotnarowski, M.: Measurement of distance between voters and political parties—different approaches and their consequences, 3rd ECPR Graduate Conference. Dublin (2010)Google Scholar
  31. 31.
  32. 32.
    Tavallaee, M., Nagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD Cup 99 data set. Proceedings of the 2009 IEEE Symposium Computational Intelligence for Security and Defense Applications, CISDA09 (2009)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Amira Sayed A. Aziz
    • 2
    • 1
  • Ahmad Taher Azar
    • 2
    • 3
  • Aboul Ella Hassanien
    • 4
  • Sanaa El-Ola Hanafy
    • 5
  1. 1.French University in Egypt (UFE)Shorouk CityEgypt
  2. 2.Scientific Research Group in Egypt (SRGE)CairoEgypt
  3. 3.Misr University for Science & Technology (MUST)6th of October CityEgypt
  4. 4.Chairman of Scientific Research Group in Egypt (SRGE)CairoEgypt
  5. 5.Faculty of Computers and InformationCairo UniversityCairoEgypt

Personalised recommendations