Automatic Feature Construction for Network Intrusion Detection

Binh Tran, Stjepan Picek, Bing Xue*

*Corresponding author for this work

Research output: Chapter in Book/Conference proceedings/Edited volumeConference contributionScientificpeer-review

3 Citations (Scopus)

Abstract

The notion of cyberspace became impossible to separate from the notions of cyber threat and cyberattack. Since cyberattacks are getting easier to run, they are also becoming more serious threats from the economic damage perspective. Consequently, we are evident of a continuous adversarial relationship between the attackers trying to mount as powerful as possible attacks and defenders trying to stop the attackers in their goals. To defend against such attacks, defenders have at their disposal a plethora of techniques but they are often falling behind the attackers due to the fact that they need to protect the whole system while the attacker needs to find only a single weakness to exploit. In this paper, we consider one type of a cyberattack – network intrusion – and investigate how to use feature construction via genetic programming in order to improve the intrusion detection accuracy. The obtained results show that feature construction offers improvements in a number of tested scenarios and therefore should be considered as an important step in defense efforts. Such improvements are especially apparent in scenario with the highly unbalanced data, which also represents the most interesting case from the defensive perspective.

Original languageEnglish
Title of host publicationSimulated Evolution and Learning
Subtitle of host publication11th International Conference SEAL 2017 Proceedings
EditorsY. Shi, K.C. Tan, M. Zhang, K. Tang, X. Li, Q. Zhang, Y. Tan, M. Middendorf, Y. Jin
Place of PublicationCham
PublisherSpringer
Pages569-580
Number of pages12
ISBN (Electronic)978-3-319-68759-9
ISBN (Print)978-3-319-68758-2
DOIs
Publication statusPublished - 2017
Event11th International Conference on Simulated Evolution and Learning, SEAL 2017: Asia-Pacific Conference on Simulated Evolution and Learning - Shenzhen, China
Duration: 10 Nov 201713 Nov 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer
Volume10593
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference11th International Conference on Simulated Evolution and Learning, SEAL 2017
Country/TerritoryChina
CityShenzhen
Period10/11/1713/11/17

Fingerprint

Dive into the research topics of 'Automatic Feature Construction for Network Intrusion Detection'. Together they form a unique fingerprint.

Cite this