Powers, Simon T. and He, Jun
Evolving discrete-valued anomaly detectors for a network intrusion detection system using negative selection.
In, the 6th UK Workshop on Computational Intelligence (UKCI'06), University of Leeds,
Network intrusion detection is the problem of detecting unauthorised use of, or access to, computer systems over a network. One approach is anomaly detection, where deviations from a model of normal network activity are reported. The negative selection algorithm, inspired by the immune system, can be used to generate anomaly detectors. Previous work has applied a genetic algorithm to generate real-valued detectors. However, we argue that at least some discrete fields are required in detectors, e.g. the port number. The system reported in this paper evolves discrete-valued detectors, which we show are able to outperform real-valued detectors.
Actions (login required)