Boundary Expansion of Expert Systems: Incorporating Evolutionary Computation with Intrusion Detection Solutions
Proceedings of the 2001 IEEE SoutheastCon Conference
The work represented here utilizes evolutionary computation to improve intrusion detection techniques. Many intrusion detection techniques incorporate expert systems (e.g., ASAX, IDES, NIDES, DIDS, Hyperview, JiNao). Problems associated with expert systems are in how the rules are defined and matched against potential intruders. Going outside the rule set leaves minimal hope of detection. This work improves upon intrusion detection schemes that utilized expert systems by using an evolution strategy with combinations of attack signatures as individual characteristics. The overall strength is in viewing the rule-matching problem as an optimization problem.
Cannady, James D. Jr. and Garcia, Raymond C., "Boundary Expansion of Expert Systems: Incorporating Evolutionary Computation with Intrusion Detection Solutions" (2001). CEC Faculty Articles. 459.