Εξόρυξη δικτυακών εισβολών με χρήση γενετικών αλγορίθμων
Χρυσολωράς, Γεώργιος Θ.
SubjectΑλγόριθμοι ; Ηλεκτρονικοί υπολογιστές -- Δίκτυα -- Μέτρα ασφαλείας ; Εξόρυξη δεδομένων ; Λογισμικό εφαρμογών -- Ανάπτυξη
Computer networks have to cope with security threats and attacks on an everyday basis. Despite the contemporary tools and methods built for security assurance, it is still difficult to protect computer networks. Intrusion detection systems play an important role in identifying malevolent actions and attacks, while acting as a tool for a better security policy. There are various soft computing approaches in detecting intrusions to a computer network. Still, there are a lot of possibilities for these techniques to be improved in terms of speed, accuracy and adaptability. In this work a Genetic Algorithm approach is presented that detects intrusions and its software implementation. The Genetic Algorithm is trained towards some network audit data in order to derive a set of intrusion rules. The mined rules are applied to classify network activity into "normal" or "intrusion". The KDD99Cup training dataset is used for training the algorithm. The number of network features used was small in order to speed up the training and detection procedure and to be feasible in a real world environment. The results using KDD99 dataset are acceptable, keeping the detection rate high while maintaining small training time.