Title :
Using Genetic Algorithm to Improve an Online Response System for Anomaly Traffic by Incremental Mining
Author :
Su, Ming-Yang ; Yeh, Sheng-Cheng ; Lin, Chun-Yuen ; Tsai, Chen-Han
Author_Institution :
Dept. of Comput. Sci. & Inf. Eng., Ming Chuan Univ., Taoyuan, Taiwan
Abstract :
This paper presents an online real-time network response system, which can determine whether a LAN is suffering from a flooding attack within a very short time unit. The detection engine of the system is based on the incremental mining of fuzzy association rules from network packets, in which membership functions of fuzzy variables are optimized by a genetic algorithm. The proposed online system belongs to anomaly detection, not misuse detection. Moreover, a mechanism for dynamic firewall updating is embedded in the proposed system for the function of eliminating suspicious connections when necessary.
Keywords :
computer network security; data mining; fuzzy set theory; genetic algorithms; local area networks; telecommunication traffic; LAN; anomaly traffic; firewall update; flooding attack; fuzzy association rules; genetic algorithm; incremental mining; online response system; Association rules; Biological cells; Databases; Floods; Genetics; IP networks; Intrusion detection; Fuzzy association rules; anomaly detection; genetic algorithm; membership functions; online incremental mining
Conference_Title :
Parallel and Distributed Processing with Applications (ISPA), 2010 International Symposium on
Conference_Location :
Taipei
Print_ISBN :
978-1-4244-8095-1
Electronic_ISBN :
978-0-7695-4190-7
DOI :
10.1109/ISPA.2010.75