| Computer Systems are exposed to an increasing number and type of security threats due to the expanding of internet in recent years. How to detect network intrusions effectively becomes an important techniques. The purpose of our research is to propose a new data mining approach based on Genetic Network Programming (GNP) for the network intrusion detection problem with high detection rate.This thesis presents a novel fuzzy class association rule mining method based on Genetic Network Programming(GNP), which can be flexibly applied to both misuse and anomaly detection in Network Intrusion Detection Problem. By combining fuzzy set theory with GNP, the proposed method can deal with the mixed database which contains both discrete and continuous attributes. In addition, sub-attribute utilization mechanism is proposed to avoid the information loss. Meanwhile, new GNP structure for association rule mining is build up so as to conduct the rule extraction step. What's more, a new fitness function which provides the fexibility of mining more new rules or mining rules with higher accuracy is given to adapt to different kinds of detection.After the extraction of class association rules, these rules are used for classification. Two different kinds of classiers are built up respectively for new connection data classication in this research. Experimental results with KDD99Cup and DAPRA98 databases from MIT Lincoln Laboratory show that the proposed method provides a competitively high detection rate compared with other machine learning techniques. Besides, this thesis will further explore the possibility of improving network intrusion detection systems' efficiency. By applying the characteristic choosing and optimizing Fuzzy class association rule mining algorithm based on GNP, systems' efficiency is gradually improved. |
PDF Full Text Request