Abstract
Classification of intrusion attacks and normal network traffic is a challenging and critical problem in pattern recognition and network security. In this paper, we present a novel intrusion detection approach to extract both accurate and interpretable fuzzy IF-THEN rules from network traffic data for classification. The proposed fuzzy rule-based system is evolved from an agent-based evolutionary framework and multi-objective optimization. In addition, the proposed system can also act as a genetic feature selection wrapper to search for an optimal feature subset for dimensionality reduction. To evaluate the classification and feature selection performance of our approach, it is compared with some well-known classifiers as well as feature selection filters and wrappers. The extensive experimental results on the KDD-Cup99 intrusion detection benchmark data set demonstrate that the proposed approach produces interpretable fuzzy systems, and outperforms other classifiers and wrappers by providing the highest detection accuracy for intrusion attacks and low false alarm rate for normal network traffic with minimized number of features. © 2007 Pattern Recognition Society.
Original language | English |
---|---|
Pages (from-to) | 2373-2391 |
Journal | Pattern Recognition |
Volume | 40 |
Issue number | 9 |
DOIs | |
Publication status | Published - Sept 2007 |
Externally published | Yes |
Funding
The work described in this paper was supported by a grant from City University Strategic Grant 7001955.
Keywords
- Feature selection
- Fuzzy classifier
- Genetic algorithms
- Intrusion detection
- Multi-objective optimization