Applying Cartesian Genetic Programming to Evolve Rules for Intrusion Detection System

Hasanen Alyasiri, John Clark, Daniel Kudenko

Abstract

With cyber-attacks becoming a regular feature in daily business and attackers continuously evolving their techniques, we are witnessing ever more sophisticated and targeted threats. Various artificial intelligence algorithms have been deployed to analyse such incidents. Extracting knowledge allows the discovery of new attack methods, intrusion scenarios, and attackers’ objectives and strategies, all of which can help distinguish attacks from legitimate behaviour. Among those algorithms, Evolutionary Computation (EC) techniques have seen significant application. Research has shown it is possible to utilize EC methods to construct IDS detection rules. In this paper, we show how Cartesian Genetic Programming (CGP) can construct the behaviour rule upon which an intrusion detection system will be able to make decisions regarding the nature of the activity observed in the system. The CGP framework evolves human-readable solutions that provide an explanation of the logic behind its evolved decisions. Experiments are conducted on up-to-date cybersecurity datasets and compared with state-of-the-art paradigms. We also introduce an ensemble learning paradigm, indicating how CGP can be used as a stacking technique to improve the learning performance.


Paper Citation


in Harvard Style

Alyasiri H., Clark J. and Kudenko D. (2018). Applying Cartesian Genetic Programming to Evolve Rules for Intrusion Detection System. In Proceedings of the 10th International Joint Conference on Computational Intelligence - Volume 1: IJCCI, ISBN 978-989-758-327-8, pages 176-183. DOI: 10.5220/0006925901760183


in Bibtex Style

@conference{ijcci18,
author={Hasanen Alyasiri and John Clark and Daniel Kudenko},
title={Applying Cartesian Genetic Programming to Evolve Rules for Intrusion Detection System},
booktitle={Proceedings of the 10th International Joint Conference on Computational Intelligence - Volume 1: IJCCI},
year={2018},
pages={176-183},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006925901760183},
isbn={978-989-758-327-8},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 10th International Joint Conference on Computational Intelligence - Volume 1: IJCCI
TI - Applying Cartesian Genetic Programming to Evolve Rules for Intrusion Detection System
SN - 978-989-758-327-8
AU - Alyasiri H.
AU - Clark J.
AU - Kudenko D.
PY - 2018
SP - 176
EP - 183
DO - 10.5220/0006925901760183