IEEE Access (Jan 2020)
A Hybrid Nested Genetic-Fuzzy Algorithm Framework for Intrusion Detection and Attacks
Abstract
Intrusion Detection System (IDS) plays a very important role in security systems. Among its different types, Network Intrusion Detection System (NIDS) has an effective role in monitoring computer networks systems for malicious and illegal activities. In the literature, the detection of DoS and Probe attacks were with reasonable accuracy in most of the NIDS researches. However, the detection accuracy of other categories of attacks is still low, such as the R2L and U2R in KDDCUP99 dataset along with the Backdoors and Worms in UNSW-NB15 dataset. Computational Intelligence (CI) techniques have the characteristics to address such imprecision problem. In this research, a Hybrid Nested Genetic-Fuzzy Algorithm (HNGFA) framework has been developed to produce highly optimized outputs for security experts in classifying both major and minor categories of attacks. The adaptive model is evolved using two-nested Genetic-Fuzzy Algorithms (GFA). Each GFA consists of two-nested Genetic Algorithms (GA). The outer is to evolve fuzzy sets and the inner is to evolve fuzzy rules. The outer GFA assists the inner GFA in training phase, where the best individual in outer GFA interacts with the weak individual in inner GFA to generate new solutions that enhance the prediction of mutated attacks. Both GFA interact together to evolve the best rules for normal, major and minor categories of attacks through the optimization process. Several experiments have been conducted with different settings over different datasets. The obtained results show that the developed model has good accuracy and is more efficient compared with several state-of-the-art techniques.
Keywords