Because of the expansion of the Internet in recent years, computer systems are exposed to an increasing number and type of security threats. How to detect network intrusions effectively becomes an important technique. This paper proposes a class association rule mining approach based on genetic network programming (GNP) for detecting network intrusions. This approach can deal with both discrete and continuous attributes in network-related data. And it can be flexibly applied to both misuse detection and anomaly detection. Experimental results with KDD99Cup and DARPA98 database from MIT Lincoln Laboratory shows that the proposed method provides a competitive high detection rate (DR) compared to other machine learning techniques.

• 出版日期2010-9
• 单位上海交通大学