基于遗传规划的网络异常检测规则的演化研究.pdfVIP

计算机研究与发展 ISSN1000—1239／CN11—1777／TP of Researchand 42(增刊)：167～172，2005 JournalComputer Development 基于遗传规划的网络异常检测规则的演化 尹传环 田盛丰 牟少敏 (北京交通大学计算机与信息技术学院北京 100044) (chhyin@center．njtu．edu．ca) Genetic toEvolveLearnedRulesforNetwork Applying Programming Anomaly Detection YinChuanhuan，Tian MuShaomin Shengfeng，and (School and 100044) ofComputerInformationTechnology，BeijingJiaotongUniversity，Beijing is to AbstractAGP．basedrule is for attacksonnetwork．GPused learningapproachpresenteddetecting initiallearnedrules Lincoln evolvenewrulesfromthe DARPA]MIT throughgeneticoperations．The for off．1ineintrusiondetectionevaluationdatasetisthemost used benchmark Laboratory widelypublic of artifactsattributeswouldcause intrusiondetection the simulation testing systems．Butpresence many attacksinthisdatasettobe detected．Inordertoeliminatetheir onintrusion easily negativeimpact attributesareomittedinthe ofboth and resultsshowthat detection，these processestrainingtesting．The rule candetectmost 84of148attacksat100falsealarms GP—basedlearningapproach attacks，finding theabsenceofseveralsimulationartifactsattributes． despite wordsintrusion rule Key detection；anomal