Boundary Expansion of Expert Systems: Incorporating Evolutionary Computation with Intrusion Detection Solutions

Author(s)

James D. Cannady Jr., Nova Southeastern UniversityFollow
Raymond C. Garcia

Document Type

Article

Publication Title

Proceedings of the 2001 IEEE SoutheastCon Conference

Publication Date

4-2001

Abstract

The work represented here utilizes evolutionary computation to improve intrusion detection techniques. Many intrusion detection techniques incorporate expert systems (e.g., ASAX, IDES, NIDES, DIDS, Hyperview, JiNao). Problems associated with expert systems are in how the rules are defined and matched against potential intruders. Going outside the rule set leaves minimal hope of detection. This work improves upon intrusion detection schemes that utilized expert systems by using an evolution strategy with combinations of attack signatures as individual characteristics. The overall strength is in viewing the rule-matching problem as an optimization problem.

DOI

10.1109/SECON.2001.923095

First Page

96

Last Page

99

NSUWorks Citation

Cannady, James D. Jr. and Garcia, Raymond C., "Boundary Expansion of Expert Systems: Incorporating Evolutionary Computation with Intrusion Detection Solutions" (2001). CCE Faculty Articles. 459.
https://nsuworks.nova.edu/gscis_facarticles/459