الفهرس 
Abstract
IntroductionOnly 14 pages are availabe for public view
 |  | from | 32 |  |  |
| | | from | 32 | | |
Abstract
Abstract
The Internet is becoming increasingly popular and web applications play a significant role
in our life. Attack is made by someone with evil intentions to gain unauthorized access
or make unauthorized use of an asset. Due to the growing number of users, networking
resources and attacks also, which cause us to develop new techniques that can secure and
protect the network resources against these attacks. This problem has given rise to research
on intrusion detection systems. It becomes the vital component in the network infrastructure.
Intrusion detection is a device or software application that monitors network or system
activities for malicious activities or policy violations and produces reports to a management
station. The goals of network intrusion detection are to determine, categorize and possibly
respond to abnormal activities. There are essentially two types of intrusion detection systems
namely anomaly detection and misuse detection. System based on anomaly detection
first learns normal system activities and then alerts all system events that deviate from the
learned model and misuse detection uses the signature of attacks to detect intrusions by
modeling attacks.
The field of network security and network intrusion detection has been around since
late 1990s. Since then, a number of frameworks and methodologies have been proposed
and many tools have been built to detect network intrusion. Different methodologies such
as rule-based algorithm, classification, clustering, genetic algorithms, support vector machines,
hybrid classification and others have been applied to detect network intrusions. In
this thesis, a new hybrid intrusion detection system by using accelerated genetic algorithm
and rough set theory (AGAAR) for data feature reduction, and genetic programming with
local search (GPLS) for data classification. The AGAAR method is used to select the most
relevant attributes that can represent an intrusion detection dataset. In order to improve
the performance of GPLS classifier, a new local search strategy is used with genetic programming
operators. The main target of using local search strategy is to discover the better
solution from the current. The results shown later indicate that classification accuracy
iii
improved from 75.98% to 81.44% after using AGAAR attribute reduction for the NSLKDD
dataset. The classification accuracies have been compared with others algorithms
and shown that the proposed method can be one of the competitive classifiers for intrusion
detection system.