Title :
Boundary expansion of expert systems: incorporating evolutionary computation with intrusion detection solutions
Author :
Garcia, Raymond C. ; Cannady, James
Author_Institution :
Comput. Sci. & Inf. Technol. Div., Georgia Tech. Res. Inst., Atlanta, GA, USA
Abstract :
The work represented here utilizes evolutionary computation to improve intrusion detection techniques. Many intrusion detection techniques incorporate expert systems (e.g., ASAX, IDES, NIDES, DIDS, Hyperview, JiNao). Problems associated with expert systems are in how the rules are defined and matched against potential intruders. Going outside the rule set leaves minimal hope of detection. This work improves upon intrusion detection schemes that utilized expert systems by using an evolution strategy with combinations of attack signatures as individual characteristics. The overall strength is in viewing the rule-matching problem as an optimization problem.
Keywords :
computer networks; evolutionary computation; expert systems; security of data; telecommunication security; ASAX; DIDS; Hyperview; IDES; JiNao; NIDES; attack signatures; boundary expansion; computer networks; computer systems; evolution strategy; evolutionary computation; expert systems; intrusion detection; optimization problem; rule-matching problem; secure information systems; system usage monitoring; Computer science; Evolutionary computation; Expert systems; Humans; Information security; Information technology; Intrusion detection; Laboratories; Pattern analysis; Telecommunication computing;
Conference_Title :
SoutheastCon 2001. Proceedings. IEEE
Conference_Location :
Clemson, SC
Print_ISBN :
0-7803-6748-0
DOI :
10.1109/SECON.2001.923095