Implementing Rule based Genetic Algorithm as a Solution for Intrusion Detection System

This rapid growth of computer networks for the past decade, security has become a very important issue for computer systems. The detection of attacks by using IDS against computer networks is becoming a major problem to solve in the area of network security. In this paper we are going to present Genetic Algorithm to identify various harmful/attack type of connections. This algorithm takes into consideration of different features in network connections such as a type of protocol type, duration, service, dst_host_srv_count to generate a classification on rule set. Each rule set identifies a specific type of attacks. For this experiment, we implemented Genetic Algorithm and trained it on the KDDCUP99 dataset to generate a set of rules that can be applicable to the IDS to identify and classify different types of attack connections. In this experiment the characters of an attack such as Smurf, Warezmaster, Saint, Mail bomb, multihop, IP sweep, snmpguess, buffer-overflow were summarized through the KDD99 data set and the effectiveness and robustness of the approach has been proved. These rules will work with high-quality accuracy for detecting the Denial of Service and Probe type of attacks connections and with appreciable accuracy for identifying the U2R and R2L connections. These findings from this experiment have given promising results towards applying GA for Network Intrusion Detection.