Tuesday, February 25, 2014

Elitism Enhancements for Genetic Algorithm based Network Intrusion Detection System

Elitism Enhancements for Genetic Algorithm based Network Intrusion Detection System


Traditional signature-based Network Intrusion Detection Systems (NIDS) suffer from high false negative rate because it can detect an intrusion only if there is an existing rule matching the particular real-time attack. The combination of Genetic Algorithms, network security schemes, and IDS practices has created a model of intelligence system that has the ability to derive new best-fit classification rules from already known attack patterns. Nevertheless, the existing NIDS approaches in this paradigm still experience substantial overhead and limited variety of resulting NIDS rules. We propose in this paper a new genetic algorithm-based NIDS called AceGA, which introduces three novel enhancements namely Wildcard Weight Penalty, Ace Comparison Elimination, and Elite's Traits Induction. It is shown that AceGA provides decreased time overhead and better rules quality. For demonstration purposes, DARPA datasets from MIT Lincoln Lab are used for training and testing the intrusion detection rules. Several simulation experiments are conducted to evaluate the efficiency and effectiveness of each of our proposed enhancements including the overall capability of AceGA to detect our selected types of attacks with satisfactory true positive and false positive rates. Additional statistical results depicting the accuracy, precision, sensitivity, and specificity of the resulting rules are thoroughly analyzed.

 Genetic Algorithms, Intrusion Detection System, Network Security, Support-Confidence Framework, Evolutionary Process.

Tanapuch Wanwarang, Machigar Ongtang, "Elitism Enhancements for Genetic Algorithm based Network Intrusion Detection System", JCIT: Journal of Convergence Information Technology, Vol. 8, No. 17, pp. 31 ~ 42, 2013



Sunday, February 23, 2014

Published my first paper.

Dear all,

I haven't been posting on this blog for quite a while now that I've graduated. Got a job at Dimension Data, a system integration firm. Life is alright.

Nevertheless, I and my professor have been able to published our paper:

"Elitism Enhancements for Genetic Algorithm based Network Intrusion Detection System"

Basically, it's about using Genetic Algorithm to auto-generate intrusion detection rules from existing rules.

Please kindly read the abstract and view the paper here:

Direct access to the paper (PDF format) here: