Detecting new forms of network intrusion using genetic programming

Created by W.Langdon from gp-bibliography.bib Revision:1.4216

  author =       "Wei Lu and Issa Traore",
  title =        "Detecting new forms of network intrusion using genetic
  booktitle =    "Proceedings of the 2003 Congress on Evolutionary
                 Computation CEC2003",
  editor =       "Ruhul Sarker and Robert Reynolds and 
                 Hussein Abbass and Kay Chen Tan and Bob McKay and Daryl Essam and 
                 Tom Gedeon",
  pages =        "2165--2172",
  year =         "2003",
  publisher =    "IEEE Press",
  address =      "Canberra",
  publisher_address = "445 Hoes Lane, P.O. Box 1331, Piscataway, NJ
                 08855-1331, USA",
  month =        "8-12 " # dec,
  organisation = "IEEE Neural Network Council (NNC), Engineers Australia
                 (IEAust), Evolutionary Programming Society (EPS),
                 Institution of Electrical Engineers (IEE)",
  keywords =     "genetic algorithms, genetic programming, Artificial
                 intelligence, Biological cells, Data structures,
                 Databases, Event detection, Genetic algorithms, Genetic
                 mutations, Intrusion detection, Testing, authorisation,
                 telecommunication security, DARPA, crossover, detection
                 rate, dropping condition operators, false alarm rate,
                 false negative rate, false positive rate, genetic
                 operators, intrusion detection systems, mutation,
                 network attacks, network intrusion, reproduction, rule
                 evolution approach, testing dataset, training
  URL =          "",
  DOI =          "doi:10.1109/CEC.2003.1299940",
  ISBN =         "0-7803-7804-0",
  abstract =     "How to find and detect novel or unknown network
                 attacks is one of the most important objectives in
                 current intrusion detection systems. In this paper, a
                 rule evolution approach based on Genetic Programming
                 (GP) for detecting novel attacks on network is
                 presented and four genetic operators namely
                 reproduction, mutation, crossover and dropping
                 condition operators are used to evolve new rules. New
                 rules are used to detect novel or known network
                 attacks. A training and testing dataset proposed by
                 DARPA is used to evolve and evaluate these new rules.
                 The proof of concept implementation shows that the rule
                 generated by GP has a low false positive rate (FPR), a
                 low false negative rate (FNR) and a high rate of
                 detecting unknown attacks. Moreover, the rule base
                 composed of new rules has high detection rate (DR) with
                 low false alarm rate (FAR).",
  notes =        "CEC 2003 - A joint meeting of the IEEE, the IEAust,
                 the EPS, and the IEE.",

Genetic Programming entries for Wei Lu Issa Traore