An evolutionary approach to generate fuzzy anomaly (attack) signatures


We describe the generation of fuzzy signatures to detect some cyber attacks. This approach is an enhancement to our previous work, which was based on the principle of negative selection for generating anomaly detectors using genetic algorithms. The present work includes a different genetic representation scheme for evolving efficient fuzzy detectors. To determine the performance of the proposed approach, which is named Evolving Fuzzy Rule Detectors (EFR), experiments were conducted with three different data sets. One data set contains wireless data generated using the network simulator (NS2), while the other two data sets are publicly available (from Lincoln Lab). Results showed that the proposed approach outperformed the previous techniques.

Publication Title

IEEE Systems, Man and Cybernetics Society Information Assurance Workshop