Network Intrusion Detection Using Genetic Algorithm and Predictive Rule Mining

In the modern digital world, there are over 4.3 billion Internet users contributing to the ever-increasing network traffic. With the huge network traffic growth, there is an increase in security threats which usually stem from external and/or internal hosts. As a consequence, it becomes indispensable to secure the system, but the dynamic nature of diverse attacks makes it strenuous to build a completely secure system. Therefore, using a technology that monitors the traffic and identifies any potential security threat gives an edge to the user and that is where the network intrusion detection system (NIDS) comes into play. An intrusion detection system (IDS) utilizes its ability to recognize any type of malicious network which cannot be detected by a conventional firewall. In this paper, we proposed a NIDS based on genetic algorithm (GA) using predictive rule mining. The novel idea of updating the crossover and mutation rate is applied maintaining a good balance of exploitation and exploration during evolution. The training set has been varied to evolve the rule base over a broader set of attacks. The proposed algorithm is implemented on the network security laboratory-knowledge discovery and data mining (NSL-KDD99) benchmark dataset. The results evaluate the performance of the network intrusion detection model using accuracy and detection rate metrics. The proposed system can be deployed in both wired and ad hoc networks.