Adaptive Framework for Network Intrusion Detection by Using Genetic-Based Machine Learning Algorithm

Summery Computer networks have expanded significantly in use and in numbers. This expansion makes them target to different attacks. Intrusion Detection System (IDS) is used to identify unknown or new type of attacks or in dynamic environments as mobile networks. As a result, it is necessary to find a ways to implement and operate IDSs. Among different techniques, Genetic-based machine learning algorithm (GBML) which offers a good ability to be adapted to changing environments, robustness to noise and ability to identify unknown attacks. The objective of this paper is to incorporate different techniques into classifier system to detect and classify intrusion from normal network packet. Among several techniques, steady state genetic-based machine leaning algorithm (SSGBML) which will be used to detect intrusions. Steady State Genetic Algorithm (SSGA) and Zeroth Level Classifier system (ZCS) are investigated. SSGA is used as a discovery mechanism for classifiers, while ZCS plays the role of detector by matching incoming environment message with classifiers to determine whether it is normal or intrusion. As a feedback, the environment will make a decision on whether to take action or not. In order to attain the best results, modifying SSGA will enhance our discovery engine. The experiments and evaluations of the proposed method were performed with the KDD 99 intrusion detection dataset.