Investigating Cellular Automata Based Network Intrusion Detection System For Fixed Networks (NIDWCA) (1401.3046v1)

Abstract: Network Intrusion Detection Systems (NIDS) are computer systems which monitor a network with the aim of discerning malicious from benign activity on that network. With the recent growth of the Internet such security limitations are becoming more and more pressing. Most of the current network intrusion detection systems relay on labeled training data. An Unsupervised CA based anomaly detection technique that was trained with unlabelled data is capable of detecting previously unseen attacks. This new approach, based on the Cellular Automata classifier (CAC) with Genetic Algorithms (GA), is used to classify program behavior as normal or intrusive. Parameters and evolution process for CAC with GA are discussed in detail. This implementation considers both temporal and spatial information of network connections in encoding the network connection information into rules in NIDS. Preliminary experiments with KDD Cup data set show that the CAC classifier with Genetic Algorithms can effectively detect intrusive attacks and achieve a low false positive rate. Training a NIDWCA (Network Intrusion Detection with Cellular Automata) classifier takes significantly shorter time than any other conventional techniques.