We use Genetic Programming in a machine learning approach to learn a detector of DoS-related network intrusion events. We present a one class classifier technique that trains a model from one class of data-normal, i.e., non-intrusion events. Our technique, after ensemble fusion, is competitive with one-class modelling with Support Vector Machines. We compare with three datasets and our best GP-based classifiers are able to outperform one-class SVM. For two out of four test cases, the advantage of GP classifiers when compared with one-class SVM is less than 1% which does not represent a significant improvement. On the last two cases, GP achieves significantly better results and making it a viable choice for anomaly detection task.
CITATION STYLE
Picek, S., Hemberg, E., Jakobovic, D., & O’Reilly, U.-M. (2018). One-Class Classification of Low Volume DoS Attacks with Genetic Programming (pp. 149–168). https://doi.org/10.1007/978-3-319-90512-9_10
Mendeley helps you to discover research relevant for your work.