As our reliance on the Internet continues to grow, the need for secure, reliable networks also increases. Using a modified genetic algorithm and a switch-based neural network model, this thesis outlines the creation of a powerful intrusion detection system (IDS) capable of detecting network attacks. A significant amount of research has already been conducted on intrusion detection, particularly in relation to data mining. The classification of network traffic to identify attacks based on Self-Organizing Maps, Support Vector Machines, Ant Colony Optimization and Genetic Algorithm are commonly used.Lots of research has been conducted on tuning neural networks with genetic algorithm and one of which is the Modified Genetic Algorithm. The major advantage of the Modified Genetic Algorithm is that it achieves better results in less time than most of the traditional genetic algorithms. And the algorithm is specifically designed and tested for the purposes of training neural network parameters. Yet there are still certain improvements could be made. For instance, the user-defined parameters, the static acceptance probability and the wasted crossover offsprings. The solving of these problems listed above could effectively reduce the demand of human interaction and the possibility of human error. It can also reduce the time of training neural networks.While a number of algorithms are capable of tuning the weights in a neural network, there are few that are able to adjust the network’s size and structure. To solve this problem, this thesis proposes a model based on the Modified Neural Network which makes the genetic algorithm able to adjust the topology of neural networks by adding switches on the connections. This thesis extend this manner by adding switches on both connections and hidden nodes thus remove the need of setting the number of hidden nodes in advance.Based on the Modified Genetic Algorithm and the Modified Neural Network, this thesis proposes a new genetic algorithm and neural network combination and makes following improvements. It is capable of tuning not only the weighting of neural networks, but also the size and topology. It adds switches to not only the connections, but also the hidden nodes of neural networks. And the including of the size of the network in the fitness function makes the network both simple and effective.The new genetic algorithm is tested against traditional and other modified genetic algorithms using common benchmark functions, and is found to produce better results in less time, and with less human interaction. The simulation program is coded in C++.The IDS is tested using the standard benchmark data collection for intrusion detection:the DARPA98KDD99set. Results are found to be comparable to those achieved using ant colony optimization, and superior to those obtained with support vector machines and other genetic algorithms. |