 |
    |
A Linear Genetic Programming Approach to Intrusion Detection
Dong Song, Malcolm I. Heywood, and A. Nur Zincir-Heywood
Dalhousie University
Faculty of Computer Science
6040 University Avenue
Halifax, NS, B3H 1W5, Canada
{dsong,mheywood,zincir}@cs.dal.ca
Abstract. Page-based Linear Genetic Programming (GP) is proposed and implemented with two-layer Subset Selection to address a two-class intrusion detection classification problem as defined by the KDD-99 benchmark dataset. By careful adjustment of the relationship between subset layers, over fitting by individuals to specific subsets is avoided. Moreover, efficient training on a dataset of 500,000 patterns is demonstrated. Unlike the current approaches to this benchmark, the learning algorithm is also responsible for deriving useful temporal features. Following evolution, decoding of a GP individual demonstrates that the solution is unique and comparative to hand coded solutions found by experts.
LNCS 2724, p. 2325 ff.
lncs@springer.de
© Springer-Verlag Berlin Heidelberg 2003