Title :
An application of decision support to network intrusion detection
Author :
Yang, Hongyu ; Xie, Lixia ; Sun, Jizhou
Author_Institution :
Software Base, Civil Aviation Univ. of China, Tianjin, China
Abstract :
This paper describes the design of a decision support module (DSM) for an intrusion detection system, which can provide active detection and automated response support during intrusions. The primary function of the decision support module is to provide recommended actions and alternatives and the implications of each recommended action. In the decision support module, the GA (genetic algorithm) was run over a subset of the data, called the training data, and then tested over the entire data set to test real-world performance. The model generated by this GA was based on a new method of data analysis for the intrusion detection problem. Each node in the model´s decision tree was designed to hold a randomized coefficient for the data, so that this coefficient multiplied by the data would yield a weight for the certainty of whether a certain record was an attack or not. The coefficients were based on ephemeral random constants (ERC), random numbers generated by the GA specific to mathematical modeling.
Keywords :
authorisation; computer network management; decision support systems; decision trees; genetic algorithms; random number generation; GA; active detection; automated response support; certainty weight; data analysis; decision support module; decision tree; ephemeral random constants; genetic algorithm; mathematical modeling; network intrusion detection; random number generation; randomized coefficient; real-world performance; training data; Application software; Computer displays; Computer science; Computer security; Genetic algorithms; Intrusion detection; Telecommunication traffic; Testing; Training data; Watches;
Conference_Titel :
Electrical and Computer Engineering, 2004. Canadian Conference on
Print_ISBN :
0-7803-8253-6
DOI :
10.1109/CCECE.2004.1349741
