Accessibility navigation


Increasing detection rate of user-to-root attacks using genetic algorithms

Bankovic, Z., Bojanic, S. , Nieto-Taladriz, O. and Badii, A. (2007) Increasing detection rate of user-to-root attacks using genetic algorithms. In: The International Conference on Emerging Security Information, Systems, and Technologies (SecureWare 2007), Valencia, Spain, https://doi.org/10.1109/SECUREWARE.2007.4385309.

Full text not archived in this repository.

It is advisable to refer to the publisher's version if you intend to cite from this work. See Guidance on citing.

To link to this item DOI: 10.1109/SECUREWARE.2007.4385309

Abstract/Summary

An extensive set of machine learning and pattern classification techniques trained and tested on KDD dataset failed in detecting most of the user-to-root attacks. This paper aims to provide an approach for mitigating negative aspects of the mentioned dataset, which led to low detection rates. Genetic algorithm is employed to implement rules for detecting various types of attacks. Rules are formed of the features of the dataset identified as the most important ones for each attack type. In this way we introduce high level of generality and thus achieve high detection rates, but also gain high reduction of the system training time. Thenceforth we re-check the decision of the user-to- root rules with the rules that detect other types of attacks. In this way we decrease the false-positive rate. The model was verified on KDD 99, demonstrating higher detection rates than those reported by the state- of-the-art while maintaining low false-positive rate.

Item Type:Conference or Workshop Item (Paper)
Divisions:Science > School of Mathematical, Physical and Computational Sciences > Department of Computer Science
ID Code:14586
Uncontrolled Keywords:genetic algorithms, pattern classification, security of data , KDD 99, KDD dataset, genetic algorithms, machine learning, pattern classification, system training time, user-to-root attack detection
Publisher:IEEE

University Staff: Request a correction | Centaur Editors: Update this record

Page navigation