Published in: Soft Computing 2/2013

01-02-2013 | Focus

A Pareto-based multi-objective evolutionary algorithm for automatic rule generation in network intrusion detection systems

Authors: J. Gómez, C. Gil, R. Baños, A. L. Márquez, F. G. Montoya, M. G. Montoya


Abstract

Attacks against computer systems are becoming more complex, making it necessary to continually improve security systems such as intrusion detection systems, which protect computer systems by distinguishing between hostile and non-hostile activity. Intrusion detection systems are usually classified into two main categories according to whether they are based on misuse (signature-based) detection or on anomaly detection. With the aim of minimizing the number of wrong decisions, a new Pareto-based multi-objective evolutionary algorithm is used to optimize the automatic rule generation of a signature-based intrusion detection system (IDS). This optimizer, included within a network IDS, has been evaluated using a benchmark dataset and real traffic from a Spanish university. The results obtained in this real application show the advantages of using this multi-objective approach.
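The abstract describes a Pareto-based multi-objective evolutionary algorithm that generates signature rules while minimising wrong decisions, but it does not state the rule representation, the objectives or the genetic operators. The Python example below is added here and is not code from the paper or its authors. It shows the mechanics such an optimiser rests on: candidate rules (conjunctions of payload substrings, an assumption) are scored on two minimisation objectives, false positives on benign traffic and false negatives on attack traffic; Pareto dominance separates the trade-off front from dominated rules; and a small evolutionary loop searches for that front. The traffic records, the token alphabet and the operators are all constructed for illustration, and an exhaustive search is included so the evolved front can be checked against the true one.

```python
"""Pareto-based selection of IDS signature rules (illustrative example, not the paper's code)."""
import random
from itertools import combinations

# Constructed sample HTTP request lines, labelled benign (False) or attack (True).
TRAFFIC = [
    ("GET /index.html HTTP/1.1", False),
    ("GET /login.php?user=admin HTTP/1.1", False),
    ("POST /upload.php HTTP/1.1", False),
    ("GET /admin/config HTTP/1.1", False),
    ("GET /docs/cmd-reference.html HTTP/1.1", False),
    ("GET /etc/passwd-policy.txt HTTP/1.1", False),
    ("GET /cgi-bin/test.cgi?cmd=../../etc/passwd HTTP/1.1", True),
    ("GET /search?q=../../../../etc/passwd HTTP/1.1", True),
    ("GET /scripts/..%2f..%2fwinnt/system32/cmd.exe HTTP/1.1", True),
    ("GET /cmd.exe HTTP/1.1", True),
]

# Assumed token alphabet: a rule is a set of substrings that must all appear (AND).
TOKENS = ("passwd", "cmd", "..", "GET", "admin", "HTTP", "exe", "etc")


def matches(rule, payload):
    """A conjunctive rule fires when every token of the rule occurs in the payload."""
    return all(tok in payload for tok in rule)


def evaluate(rule, traffic=TRAFFIC):
    """Return the two objectives to minimise: (false positives, false negatives)."""
    fp = sum(1 for payload, attack in traffic if not attack and matches(rule, payload))
    fn = sum(1 for payload, attack in traffic if attack and not matches(rule, payload))
    return fp, fn


def dominates(a, b):
    """Pareto dominance: a is no worse than b on both objectives and strictly better on one."""
    return a[0] <= b[0] and a[1] <= b[1] and a != b


def pareto_front(rules, traffic=TRAFFIC):
    """Keep the rules whose objective vector is not dominated by any other candidate."""
    scored = [(rule, evaluate(rule, traffic)) for rule in rules]
    return [rule for rule, obj in scored
            if not any(dominates(other, obj) for _, other in scored)]


def exhaustive_front(traffic=TRAFFIC):
    """Ground truth for this toy alphabet: the Pareto front over all 2^len(TOKENS) rules."""
    every_rule = [frozenset(c) for k in range(len(TOKENS) + 1) for c in combinations(TOKENS, k)]
    return pareto_front(every_rule, traffic)


def mutate(rule, rng):
    """Toggle one randomly chosen token in or out of the rule."""
    return rule ^ frozenset([rng.choice(TOKENS)])


def crossover(a, b, rng):
    """Uniform crossover: each token is inherited from a randomly chosen parent."""
    return frozenset(tok for tok in TOKENS if tok in (a if rng.random() < 0.5 else b))


def evolve(traffic=TRAFFIC, pop_size=24, generations=60, seed=1):
    """Evolve rules under Pareto selection and return the final non-dominated set."""
    rng = random.Random(seed)
    population = {frozenset(t for t in TOKENS if rng.random() < 0.25) for _ in range(pop_size)}
    for _ in range(generations):
        parents = list(population)
        offspring = set()
        for _ in range(pop_size):
            child = crossover(rng.choice(parents), rng.choice(parents), rng)
            if rng.random() < 0.5:
                child = mutate(child, rng)
            offspring.add(child)
        merged = population | offspring
        front = pareto_front(merged, traffic)
        # Survivors: the whole front first, then random dominated rules to keep diversity.
        rest = [r for r in merged if r not in set(front)]
        rng.shuffle(rest)
        population = set(front) | set(rest[:max(0, pop_size - len(front))])
    return pareto_front(population, traffic)


if __name__ == "__main__":
    for rule in evolve():
        print(sorted(rule), "->", evaluate(rule))
```

On this constructed traffic no single conjunctive rule reaches (0, 0): the front consists of the rule requiring ".." (no false positives, one missed attack) and the rule requiring "GET" (every attack caught, five benign requests flagged). That trade-off, rather than a single score, is what a Pareto-based optimiser hands to the analyst, who then picks the operating point the deployment can tolerate.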


Metadata
Title
A Pareto-based multi-objective evolutionary algorithm for automatic rule generation in network intrusion detection systems
Authors
J. Gómez
C. Gil
R. Baños
A. L. Márquez
F. G. Montoya
M. G. Montoya
Publication date
01-02-2013
Publisher
Springer-Verlag
Published in
Soft Computing / Issue 2/2013
Print ISSN: 1432-7643
Electronic ISSN: 1433-7479
DOI
https://doi.org/10.1007/s00500-012-0890-9