Detectors generation using genetic algorithm for a negative selection inspired anomaly network intrusion detection system

This paper presents an approach for detecting network traffic anomalies using detectors generated by a genetic algorithm with deterministic crowding Niching technique. Particularly, the suggested approach is inspired by the negative selection mechanism of the immune system that can detect foreign patterns in the complement (non-self) space. In our paper, we run a number of experiments on the relatively new NSL-KDD data set which was never tested against this algorithm before our work. We run the test using different values for the involved parameters, to find out which values give the best detection rates, so we can give recommendations for future application of the algorithm. Also, Formal Concept Analysis is applied on the generated rules to visualize the relation among attributes. We will show in the results that the algorithm have very good results through the analysis, compared to other machine learning approaches.