GA-NIDS: A Genetic Algorithm based Network Intrusion Detection System

Detection of malicious connections in computer networks has been a growing problem motivating widespread research in computer science to develop better intrusion detecting systems (IDS). In this paper, we present a machine learning approach known as Genetic Algorithm (GA), to identify such harmful/attack type of connections. The algorithm takes into consideration different features in network connections such as type of protocol, network service on the destination and status of the connection to generate a classification rule set. Each rule in rule set identifies a particular attack type. For this experiment, we implemented a GA and trained it on the KDD Cup 99 data set to generate a rule set that can be applied to the IDS to identify and classify different types of attack connections. Through our experiment, we have developed a rule set comprising of six rules to classify six different attack type of connections that fall into two classesn namely denial of service and probing attacks. The rule generated works with 100% accuracy for detecting the denial of service type of attack connections, and with appreciable accuracy for detecting the probe connections. Results from our experiment have given promising results towards applying genetic algorithm for network intrusion detection.