![]() | Only 14 pages are availabe for public view |
Abstract Abstract The Internet is becoming increasingly popular and web applications play a significant role in our life. Attack is made by someone with evil intentions to gain unauthorized access or make unauthorized use of an asset. Due to the growing number of users, networking resources and attacks also, which cause us to develop new techniques that can secure and protect the network resources against these attacks. This problem has given rise to research on intrusion detection systems. It becomes the vital component in the network infrastructure. Intrusion detection is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. The goals of network intrusion detection are to determine, categorize and possibly respond to abnormal activities. There are essentially two types of intrusion detection systems namely anomaly detection and misuse detection. System based on anomaly detection first learns normal system activities and then alerts all system events that deviate from the learned model and misuse detection uses the signature of attacks to detect intrusions by modeling attacks. The field of network security and network intrusion detection has been around since late 1990s. Since then, a number of frameworks and methodologies have been proposed and many tools have been built to detect network intrusion. Different methodologies such as rule-based algorithm, classification, clustering, genetic algorithms, support vector machines, hybrid classification and others have been applied to detect network intrusions. In this thesis, a new hybrid intrusion detection system by using accelerated genetic algorithm and rough set theory (AGAAR) for data feature reduction, and genetic programming with local search (GPLS) for data classification. The AGAAR method is used to select the most relevant attributes that can represent an intrusion detection dataset. In order to improve the performance of GPLS classifier, a new local search strategy is used with genetic programming operators. The main target of using local search strategy is to discover the better solution from the current. The results shown later indicate that classification accuracy iii improved from 75.98% to 81.44% after using AGAAR attribute reduction for the NSLKDD dataset. The classification accuracies have been compared with others algorithms and shown that the proposed method can be one of the competitive classifiers for intrusion detection system. |