As malicious intrusions (commonly termed “hacks”) into computer systems have become a growing problem, the need to detect these intrusions accurately has risen. This paper presents a novel approach to detecting these intrusions by applying a complex artificial intelligence method known as a genetic algorithm to an Intrusion Detection System. For this experiment, a genetic algorithm was written to learn how to detect malicious intrusions and separate them from normal use. The algorithm was then tested in a real-world simulation to gauge its effectiveness under unpredictable conditions.

Chittur, Adhitya

This experiment analyzed the effectiveness of a genetic algorithm applied to the detection of computer intrusions and malicious computer behavior. The use of genetic algorithms to detect malicious computer behavior is a novel approach to the computer network intrusion detection problem presented in designing an Intrusion Detection System. A genetic algorithm is a method of artificial intelligence problem-solving based on the theory of Darwinian evolution applied to mathematical models. The genetic algorithm designed for this experiment promoted a high detection rate of malicious behavior and a low false positive rate of normal behavior classified as malicious. The genetic algorithm was given “training data” from which an empirical model of malicious computer behavior was generated. This model was then tested over previously unseen data to gauge its real-world performance. The results presented show that the genetic algorithm was able to generate an accurate empirical behavioral model from training data and then to apply this empirical knowledge successfully to data it had never seen before. The final model produced had an overall accuracy level of 97.8%, which showed both a high detection rate and an extremely low false positive rate.
From these results, it was concluded that genetic algorithms are a viable method for empirical model generation for computer intrusion detection. Genetic algorithms are now a possible alternative for the detection of malicious intrusions