A parallel genetic local search algorithm for intrusion detection in computer networks

The security of networked computers plays a strategic role in modern computer systems. This task is so complicated because the determination of normal and abnormal behaviors in computer networks is hard, as the boundaries cannot be well defined. One of the difficulties in such a prediction process is the generation of false alarms in many anomaly based intrusion detection systems. However, fuzzy logic is an important solution to reduce the false alarm rate in determining intrusive activities. This paper proposes a parallel genetic local search algorithm (PAGELS) to generate fuzzy rules capable of detecting intrusive behaviors in computer networks. The system uses the Michigan's approach, where each individual represents a fuzzy rule which has the form "if condition then prediction." In the presented algorithm the global population is divided into some subpopulations, each assigned to a distinct processor. Each subpopulation consists of the same class fuzzy rules. These rules evolve independently in the proposed parallel manner. Experimental results show that the presented algorithm produces fuzzy rules, which can be used to construct a reliable intrusion detection system. (C) 2007 Elsevier Ltd. All rights reserved.