Use this URL to cite or link to this record in EThOS:
Title: Evolving intelligent intrusion detection systems
Author: Lekkas, Stavros
ISNI:       0000 0004 2671 8838
Awarding Body: The University of Manchester
Current Institution: University of Manchester
Date of Award: 2009
Availability of Full Text:
Access from EThOS:
The vast majority of existing Intrusion Detection Systems incorporates static knowledge bases, which contain information about specific attack patterns. Although such knowledge bases can gradually expand, yet they have required the close maintenance of an expert, letting alone the possibility that the knowledge base might overload and tinally run over. Furthermore, most of the existing quantitative methods for intrusion detection require the data records to be processed in offline mode, as a batch. Unfortunately this allows only a snapshot of the actual domain to be analysed. On top of that, should new data records become available they require cost-sensitive calculations due to the fact that re-learning is ineffective for real-time applications. The prospective application of evolving nature-inspired intelligent behavior in conjunction with network intrusion detection is an attractive field which overcomes these problems, but which contains open questions remaining to be answered. A standalone Network Intrusion Detection System, which is capabk of evolving its knowledge structure and parameters in order to prevent both known and novel intrusions. is still not available. Initially, this thesis reviews a methodology for evolving fuzzy classification. which allows data to be processed in online mode by recursively modifying a fuzzy rule base on a per-sample basis. The incremental adaptation is gradually developed by the int1uence of the input data, which arrive from a data stream in succession. Recent studies have shown that the eClass algorithms are a promising elucidation since they have been extensively used for control applications and are also suitable for real-time classification tasks. such as fault detection, diagnosis, robotic navigation ctc. Finally, it is revealed that the relative eClass architecture can be further improved in terms of the predictive accuracy and that it can be effectively applied on behalf of network diagnostics. The improved algorithm is finally compared to others and seems to outperform many well-known methods and to be adequately competent.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available