Publication: Improving network intrusion detection by means of domain-aware genetic programming
| dc.affiliation.dpto | UC3M. Departamento de Informática | es |
| dc.affiliation.grupoinv | UC3M. Grupo de Investigación: COSEC (Computer SECurity Lab) | es |
| dc.contributor.author | Blasco Alís, Jorge | |
| dc.contributor.author | Orfila Díaz-Pabon, Agustín | |
| dc.contributor.author | Ribagorda Garnacho, Arturo | |
| dc.date.accessioned | 2010-11-12T11:10:51Z | |
| dc.date.available | 2010-11-12T11:10:51Z | |
| dc.date.issued | 2010-02 | |
| dc.description | Proceeding of: International Conference on Availability, Reliability, and Security, 2010. ARES '10, 15-18 February 2010, Krakow, Poland | |
| dc.description.abstract | One of the central areas in network intrusion detection is how to build effective systems that are able to distinguish normal from intrusive traffic. In this paper we explore the use of Genetic Programming (GP) for such a purpose. Although GP has already been studied for this task, the inner features of network intrusion detection have been systematically ignored. To avoid the blind use of GP shown in previous research, we guide the search by means of a fitness function based on recent advances on IDS evaluation. For the experimental work we use a well-known dataset (i.e. KDD- 99) that has become a standard to compare research although its drawbacks. Results clearly show that an intelligent use of GP achieves systems that are comparable (and even better in realistic conditions) to top state-of-the-art proposals in terms of effectiveness, improving them in efficiency and simplicity. | |
| dc.description.sponsorship | This work was partially supported by CDTI, Ministerio de Industria, Turismo y Comercio of Spain in collaboration with Telefónica I+D, Project SEGUR@ CENIT-2007 2004 | |
| dc.description.status | Publicado | |
| dc.format.mimetype | text/plain | |
| dc.format.mimetype | application/pdf | |
| dc.identifier.bibliographicCitation | 2010 International Conference on Availability, Reliability and Security (ARES '10), pp. 327-332 | |
| dc.identifier.doi | 10.1109/ARES.2010.53 | |
| dc.identifier.isbn | 978-1-4244-5879-0 | |
| dc.identifier.publicationfirstpage | 327 | |
| dc.identifier.publicationlastpage | 332 | |
| dc.identifier.publicationtitle | 2010 International Conference on Availability, Reliability and Security (ARES '10) | |
| dc.identifier.uri | https://hdl.handle.net/10016/9574 | |
| dc.language.iso | eng | |
| dc.publisher | IEEE | |
| dc.relation.eventdate | 15-18 February 2010 | |
| dc.relation.eventplace | Krakow (Poland) | |
| dc.relation.eventtitle | International Conference on Availability, Reliability, and Security. ARES '10, | |
| dc.relation.publisherversion | http://dx.doi.org/10.1109/ARES.2010.53 | |
| dc.rights | © IEEE | |
| dc.rights.accessRights | open access | |
| dc.subject.eciencia | Informática | |
| dc.subject.other | Effectiveness | |
| dc.subject.other | Efficiency | |
| dc.subject.other | GP | |
| dc.subject.other | Intrusion detection | |
| dc.title | Improving network intrusion detection by means of domain-aware genetic programming | |
| dc.type | conference paper | * |
| dc.type.review | PeerReviewed | |
| dspace.entity.type | Publication |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- orfila-improving-ares-2010.pdf
- Size:
- 533.56 KB
- Format:
- Adobe Portable Document Format