Department of Information Technology, Faculty of Computers and Information, Menofiya University, Shebin El Kom, Menofiya, Egypt.
Department of Computer Systems, Faculty of Computers and Information, Ain Shams University, Cairo, Egypt.
J Adv Res. 2015 Jul;6(4):609-19. doi: 10.1016/j.jare.2014.02.009. Epub 2014 Mar 5.
Network intrusion detection based on anomaly detection techniques plays a significant role in protecting networks and systems against harmful activities. Different metaheuristic techniques have been used for anomaly detector generation, yet the reported literature has not studied the use of the multi-start metaheuristic method for detector generation. This paper proposes a hybrid approach for anomaly detection in large-scale datasets using detectors generated by a multi-start metaheuristic method and genetic algorithms. The proposed approach takes some inspiration from negative selection-based detector generation. The approach is evaluated using the NSL-KDD dataset, a modified version of the widely used KDD CUP 99 dataset. The results show its effectiveness in generating a suitable number of detectors, with an accuracy of 96.1% compared to competing machine learning algorithms.