GNP-based fuzzy class-association-rule mining with sub-attribute utilization

Abhishek Ranjan, Rajalakshmi Selvaraj, Venu Madhav Kuthadi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security system. Due to the variety of network behaviors and the rapid development of attack fashions, it is necessary to develop fast machine-learning-based intrusion detection algorithms with high detection rates and low false-alarm rates. In this correspondence, we propose a novel fuzzy class-association rule mining method based on genetic network programming (GNP) for detecting network intrusions. GNP is an evolutionary optimization technique, which uses directed graph structures instead of strings in genetic algorithm or trees in genetic programming, which leads to enhancing the representation ability with compact programs derived from the reusability of nodes in a graph structure. By combining fuzzy set theory with GNP, the proposed method can deal with the mixed database that contains both discrete and continuous attributes and also extract many important class association rules that contribute to enhancing detection ability. Therefore, the proposed method can be flexibly applied to both misuse and anomaly detection in network-intrusion-detection problems. An incomplete database includes missing data in some tuples; however, the proposed method can extract important rules using these tuples. The GNP-Based Fuzzy Class- Association-Rule Mining performs in existing data only it cannot newly added Intrusion. Therefore we present Intrusion Detection Systems based on analyzing process traces. It also include following steps in GNP-Based Fuzzy Class- Association-Rule Process data model as a mathematical representation of normal behavior Improving the process data model improves the model of normal behavior. It should represent the underlying truth of normalcy of the data Uses cluster centers or centroids Uses distances away from the centroids Convert the Data to the Training Data.

Original languageEnglish
Title of host publicationProceedings of the IADIS International Conference Information Systems 2012, IS 2012
EditorsPedro Isaias, Luis Rodrigues, Miguel Baptista Nunes, Philip Powell
PublisherIADIS
Pages11-17
Number of pages7
ISBN (Electronic)9789728939687
Publication statusPublished - Jan 1 2012
EventIADIS International Conference on Information Systems 2012, IS 2012 - Berlin, Germany
Duration: Mar 10 2012Mar 12 2012

Other

OtherIADIS International Conference on Information Systems 2012, IS 2012
CountryGermany
CityBerlin
Period3/10/123/12/12

Fingerprint

Association rules
Intrusion detection
Data structures
Internet
Fuzzy set theory
Genetic programming
Directed graphs
Reusability
Security of data
Security systems
Learning systems
Genetic algorithms

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Hardware and Architecture
  • Information Systems
  • Software

Cite this

Ranjan, A., Selvaraj, R., & Kuthadi, V. M. (2012). GNP-based fuzzy class-association-rule mining with sub-attribute utilization. In P. Isaias, L. Rodrigues, M. B. Nunes, & P. Powell (Eds.), Proceedings of the IADIS International Conference Information Systems 2012, IS 2012 (pp. 11-17). IADIS.
Ranjan, Abhishek ; Selvaraj, Rajalakshmi ; Kuthadi, Venu Madhav. / GNP-based fuzzy class-association-rule mining with sub-attribute utilization. Proceedings of the IADIS International Conference Information Systems 2012, IS 2012. editor / Pedro Isaias ; Luis Rodrigues ; Miguel Baptista Nunes ; Philip Powell. IADIS, 2012. pp. 11-17
@inproceedings{421ee205f29f46cbbbb069d1b1dd703a,
title = "GNP-based fuzzy class-association-rule mining with sub-attribute utilization",
abstract = "Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security system. Due to the variety of network behaviors and the rapid development of attack fashions, it is necessary to develop fast machine-learning-based intrusion detection algorithms with high detection rates and low false-alarm rates. In this correspondence, we propose a novel fuzzy class-association rule mining method based on genetic network programming (GNP) for detecting network intrusions. GNP is an evolutionary optimization technique, which uses directed graph structures instead of strings in genetic algorithm or trees in genetic programming, which leads to enhancing the representation ability with compact programs derived from the reusability of nodes in a graph structure. By combining fuzzy set theory with GNP, the proposed method can deal with the mixed database that contains both discrete and continuous attributes and also extract many important class association rules that contribute to enhancing detection ability. Therefore, the proposed method can be flexibly applied to both misuse and anomaly detection in network-intrusion-detection problems. An incomplete database includes missing data in some tuples; however, the proposed method can extract important rules using these tuples. The GNP-Based Fuzzy Class- Association-Rule Mining performs in existing data only it cannot newly added Intrusion. Therefore we present Intrusion Detection Systems based on analyzing process traces. It also include following steps in GNP-Based Fuzzy Class- Association-Rule Process data model as a mathematical representation of normal behavior Improving the process data model improves the model of normal behavior. It should represent the underlying truth of normalcy of the data Uses cluster centers or centroids Uses distances away from the centroids Convert the Data to the Training Data.",
author = "Abhishek Ranjan and Rajalakshmi Selvaraj and Kuthadi, {Venu Madhav}",
year = "2012",
month = "1",
day = "1",
language = "English",
pages = "11--17",
editor = "Pedro Isaias and Luis Rodrigues and Nunes, {Miguel Baptista} and Philip Powell",
booktitle = "Proceedings of the IADIS International Conference Information Systems 2012, IS 2012",
publisher = "IADIS",

}

Ranjan, A, Selvaraj, R & Kuthadi, VM 2012, GNP-based fuzzy class-association-rule mining with sub-attribute utilization. in P Isaias, L Rodrigues, MB Nunes & P Powell (eds), Proceedings of the IADIS International Conference Information Systems 2012, IS 2012. IADIS, pp. 11-17, IADIS International Conference on Information Systems 2012, IS 2012, Berlin, Germany, 3/10/12.

GNP-based fuzzy class-association-rule mining with sub-attribute utilization. / Ranjan, Abhishek; Selvaraj, Rajalakshmi; Kuthadi, Venu Madhav.

Proceedings of the IADIS International Conference Information Systems 2012, IS 2012. ed. / Pedro Isaias; Luis Rodrigues; Miguel Baptista Nunes; Philip Powell. IADIS, 2012. p. 11-17.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - GNP-based fuzzy class-association-rule mining with sub-attribute utilization

AU - Ranjan, Abhishek

AU - Selvaraj, Rajalakshmi

AU - Kuthadi, Venu Madhav

PY - 2012/1/1

Y1 - 2012/1/1

N2 - Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security system. Due to the variety of network behaviors and the rapid development of attack fashions, it is necessary to develop fast machine-learning-based intrusion detection algorithms with high detection rates and low false-alarm rates. In this correspondence, we propose a novel fuzzy class-association rule mining method based on genetic network programming (GNP) for detecting network intrusions. GNP is an evolutionary optimization technique, which uses directed graph structures instead of strings in genetic algorithm or trees in genetic programming, which leads to enhancing the representation ability with compact programs derived from the reusability of nodes in a graph structure. By combining fuzzy set theory with GNP, the proposed method can deal with the mixed database that contains both discrete and continuous attributes and also extract many important class association rules that contribute to enhancing detection ability. Therefore, the proposed method can be flexibly applied to both misuse and anomaly detection in network-intrusion-detection problems. An incomplete database includes missing data in some tuples; however, the proposed method can extract important rules using these tuples. The GNP-Based Fuzzy Class- Association-Rule Mining performs in existing data only it cannot newly added Intrusion. Therefore we present Intrusion Detection Systems based on analyzing process traces. It also include following steps in GNP-Based Fuzzy Class- Association-Rule Process data model as a mathematical representation of normal behavior Improving the process data model improves the model of normal behavior. It should represent the underlying truth of normalcy of the data Uses cluster centers or centroids Uses distances away from the centroids Convert the Data to the Training Data.

AB - Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security system. Due to the variety of network behaviors and the rapid development of attack fashions, it is necessary to develop fast machine-learning-based intrusion detection algorithms with high detection rates and low false-alarm rates. In this correspondence, we propose a novel fuzzy class-association rule mining method based on genetic network programming (GNP) for detecting network intrusions. GNP is an evolutionary optimization technique, which uses directed graph structures instead of strings in genetic algorithm or trees in genetic programming, which leads to enhancing the representation ability with compact programs derived from the reusability of nodes in a graph structure. By combining fuzzy set theory with GNP, the proposed method can deal with the mixed database that contains both discrete and continuous attributes and also extract many important class association rules that contribute to enhancing detection ability. Therefore, the proposed method can be flexibly applied to both misuse and anomaly detection in network-intrusion-detection problems. An incomplete database includes missing data in some tuples; however, the proposed method can extract important rules using these tuples. The GNP-Based Fuzzy Class- Association-Rule Mining performs in existing data only it cannot newly added Intrusion. Therefore we present Intrusion Detection Systems based on analyzing process traces. It also include following steps in GNP-Based Fuzzy Class- Association-Rule Process data model as a mathematical representation of normal behavior Improving the process data model improves the model of normal behavior. It should represent the underlying truth of normalcy of the data Uses cluster centers or centroids Uses distances away from the centroids Convert the Data to the Training Data.

UR - http://www.scopus.com/inward/record.url?scp=84944048602&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84944048602&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84944048602

SP - 11

EP - 17

BT - Proceedings of the IADIS International Conference Information Systems 2012, IS 2012

A2 - Isaias, Pedro

A2 - Rodrigues, Luis

A2 - Nunes, Miguel Baptista

A2 - Powell, Philip

PB - IADIS

ER -

Ranjan A, Selvaraj R, Kuthadi VM. GNP-based fuzzy class-association-rule mining with sub-attribute utilization. In Isaias P, Rodrigues L, Nunes MB, Powell P, editors, Proceedings of the IADIS International Conference Information Systems 2012, IS 2012. IADIS. 2012. p. 11-17