{"title":"Network Anomaly Detection Using Genetic Programming with Semantic Approximation Techniques","authors":"Thi Huong Chu, Nguyen Quang Uy","doi":"10.1109/RIVF51545.2021.9642140","DOIUrl":null,"url":null,"abstract":"Network anomaly detection aims at detecting malicious behaviors to the network systems. This problem is of great importance in developing intrusion detection systems to protect networks from intrusive activities. Recently, machine learning-based methods for anomaly detection have become more popular in the research community thanks to their capability in discovering unknown attacks. In the paper, we propose an application of Genetic Programming (GP) with the semantics approximation technique to network anomaly detection. Specifically, two recently proposed techniques for reducing GP code bloat, i.e. Subtree Approximation (SA) and Desired Approximation (DA) are applied for detecting network anomalies. SA and DA are evaluated on 6 datasets in the field of anomaly detection and compared with standard GP and five common machine learning methods. Experimental results show that SA and DA have achieved better results than that of standard GP and the performance of GP is competitive with other machine learning algorithms.","PeriodicalId":6860,"journal":{"name":"2021 RIVF International Conference on Computing and Communication Technologies (RIVF)","volume":"4 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 RIVF International Conference on Computing and Communication Technologies (RIVF)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RIVF51545.2021.9642140","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
Abstract
Network anomaly detection aims at detecting malicious behaviors to the network systems. This problem is of great importance in developing intrusion detection systems to protect networks from intrusive activities. Recently, machine learning-based methods for anomaly detection have become more popular in the research community thanks to their capability in discovering unknown attacks. In the paper, we propose an application of Genetic Programming (GP) with the semantics approximation technique to network anomaly detection. Specifically, two recently proposed techniques for reducing GP code bloat, i.e. Subtree Approximation (SA) and Desired Approximation (DA) are applied for detecting network anomalies. SA and DA are evaluated on 6 datasets in the field of anomaly detection and compared with standard GP and five common machine learning methods. Experimental results show that SA and DA have achieved better results than that of standard GP and the performance of GP is competitive with other machine learning algorithms.