Intrusion Detection systems are increasingly a key part of system defence. Various approaches to Intrusion Detection are currently being used but false alarm rate is higher in those approaches. Network Intrusion Detection involves differentiating the attacks like DOS, U2L, R2L and Probe from the Normal user on the internet. Due to the variety of network behaviors and the rapid development of attack fashions, it's necessary to develop an efficient model to detect all kinds of attacks. Building an effective IDS is an enormous knowledge engineering task. Characteristics of computational intelligence systems such as adaptation, fault tolerance, high computational speed and error resilience in the face of noisy information fit the requirements of building a good intrusion model. In this paper, we propose a network intrusion detection model based on evolutionary optimization technique called Genetic Network Programming (GNP) with sub attribute utilization mechanism. The proposed model is evaluated using KDDCup99 Dataset for misuse detection and using DARPA 98 Dataset for anomaly detection, which shows higher detection rate as well as low false alarm rate.

1. H. Debar, M. Dacier, A. Wespi, "Towards a taxonomy of intrusion-detection systems", Computer Networks 31 (8) (1999) 805-822
2. S. Chebrolu, A. Abraham, and J. P. Thomas, "Feature deduction and ensemble design of intrusion detection systems", Comput. Secur. vol. 24, no. 4,pp, 295-307, Jun. 2005.
3. K. Shimada, K. Hirasawa, and J. Hu, "Class association rule mining with chi-squared test using genetic network programming," in Proc. IEEE Int. Conf. Syst. , Man, Cybern. , 2006, pp. 5338–5344.
4. J. M. Bonifacio, Jr. , A. M. Cansian, A. C. P. L. F. De Carvalho, and E. S. Moreira, "Neural networks applied in intrusion detection systems," in Proc. IEEE Int. Joint Conf. Neural Netw. , 1998, vol. 1, pp. 205–210.
5. J. Mill and A. Inoue, "Support vector classifiers and network intrusion detection," in Proc. Int. Conf. Fuzzy Syst. , 2004, vol. 1, pp. 407–410.
6. J. Hoglund, K. Hatonen, and A. S. Sorvari, "A computer host based user anomaly detection system using the self-organizing map," in Proc. Int. Joint Conf. Neural Netw. , 2000, vol. 5, pp. 411–416. .
7. S. M. Bridges, R. B. Vaughn, Fuzzy data mining and genetic algorithms applied to intrusion detection in: Proceedings of the 23rd National Information Systems Security Conference, 2000, pp. 13 -31.
8. G. Florez, S. M. Bridges, R. B. Vaughn, An improved algorithm for fuzzy data mining for intrusion detection in: Proceedings of the 21st International Conference of the NAFIPS'02, pp, 457-462.
9. S-B, Cho, Incorporating soft Computing techniques into a probabilistic intrusion detection system, IEEE transactions on Systems, Man and Cybernetics: Part C: Applications and Reviews 32 (2) (2002) 154-160.
10. Wei Lu and Issa Traore, "Detecting new forms of network intrusion using genetic programming". Journal of Computational Intelligence, volume 20. (2004).
11. Shelly Xiaonan, Wolfgang Banzhaf, "The use of computational intelligence in intrusion detection systems: A review", Science Direct-Applied Soft Computing 10 (2010) 1–35.
12. S. Mabu, K. Hirasawa, and J. Hu, "A graph-based evolutionary algorithm: Genetic network programming (GNP) and its extension using reinforcement learning," Evol. Comput. , vol. 15, no. 3, pp. 369–398, 2007.

Anomaly Detection Fuzzy Data Mining Genetic Network Programming Misuse Detection