GNP-based fuzzy class-association-rule mining with sub-attribute utilization

Abhishek Ranjan, Rajalakshmi Selvaraj, Venu Madhav Kuthadi

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Network intrusion detection aims at distinguishing the attacks on the Internet from normal use of the Internet. It is an indispensable part of the information security system. Due to the variety of network behaviors and the rapid development of attack fashions, it is necessary to develop fast machine-learning-based intrusion detection algorithms with high detection rates and low false-alarm rates. In this correspondence, we propose a novel fuzzy class-association rule mining method based on genetic network programming (GNP) for detecting network intrusions. GNP is an evolutionary optimization technique, which uses directed graph structures instead of strings in genetic algorithm or trees in genetic programming, which leads to enhancing the representation ability with compact programs derived from the reusability of nodes in a graph structure. By combining fuzzy set theory with GNP, the proposed method can deal with the mixed database that contains both discrete and continuous attributes and also extract many important class association rules that contribute to enhancing detection ability. Therefore, the proposed method can be flexibly applied to both misuse and anomaly detection in network-intrusion-detection problems. An incomplete database includes missing data in some tuples; however, the proposed method can extract important rules using these tuples. The GNP-Based Fuzzy Class- Association-Rule Mining performs in existing data only it cannot newly added Intrusion. Therefore we present Intrusion Detection Systems based on analyzing process traces. It also include following steps in GNP-Based Fuzzy Class- Association-Rule Process data model as a mathematical representation of normal behavior Improving the process data model improves the model of normal behavior. It should represent the underlying truth of normalcy of the data Uses cluster centers or centroids Uses distances away from the centroids Convert the Data to the Training Data.

Original languageEnglish
Title of host publicationProceedings of the IADIS International Conference Information Systems 2012, IS 2012
EditorsPedro Isaias, Luis Rodrigues, Miguel Baptista Nunes, Philip Powell
Number of pages7
ISBN (Electronic)9789728939687
Publication statusPublished - 2012
EventIADIS International Conference on Information Systems 2012, IS 2012 - Berlin, Germany
Duration: Mar 10 2012Mar 12 2012

Publication series

NameProceedings of the IADIS International Conference Information Systems 2012, IS 2012


OtherIADIS International Conference on Information Systems 2012, IS 2012

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Hardware and Architecture
  • Information Systems
  • Software


Dive into the research topics of 'GNP-based fuzzy class-association-rule mining with sub-attribute utilization'. Together they form a unique fingerprint.

Cite this