Rui Wang

Bio: Rui Wang is an academic researcher from Xi'an Jiaotong University. The author has contributed to research in topics: Algorithm design & Intrusion detection system. The author has an hindex of 1, co-authored 1 publications receiving 25 citations.

Artificial immune theory based network intrusion detection system and the algorithms design

Abstract: A network intrusion detection model based on artificial immune theory is proposed in this paper. In this model, self patterns and non-self patterns are built upon frequent behaviors sequences, then a simple but efficient algorithm for encoding patterns is proposed. Based on the result of encoding, another algorithm for creating detectors is presented, which integrates a negative selection with the clonal selection. The algorithm performance is analyzed, which shows that this method can shrink each generation scale greatly and create a good niche for patterns evolving.

Method and system for encrypted network management and intrusion detection

Abstract: A network security system includes a system data store capable of storing a variety of data associated with an encrypted computer network and communications transmitted thereon, a communication interface supporting communication over a communication channel and a system processor. Data corresponding to communications transmitted over the encrypted communication network are received. One or more tests are applied to the received data to determine whether a particular communication represents a potential security violation. An alarm may be generated based upon the results of the applied test or tests.

Ant colony optimization based network intrusion feature selection and detection

Abstract: This paper proposes a novel intrusion detection approach by applying ant colony optimization for feature selection and SVM for detection. The intrusion features are represented as graph-ere nodes, with the edges between them denoting the adding of the next feature. Ants traverse through the graph to add nodes until the stopping criterion is satisfied. The fisher discrimination rate is adopted as the heuristic information for ants' traversal. In order to avoid training of a large number of SVM classifier, the least square based SVM estimation is adopted. Initially, the SVM is trained based on grid search method to obtain discrimination function using the training data based on all features available. Then the feature subset produced during the ACO search process is evaluated based on their abilities to reconstruct the reference discriminative function using linear least square estimation. Finally SVM is retrained using the train data based on the obtained optimal feature subset to obtain intrusion detection model. The MIT's KDD Cup 99 dataset is used to evaluate our present method, the results clearly demonstrate that the method can be an effective way for intrusion feature selection and detection.

Design and analysis of genetic fuzzy systems for intrusion detection in computer networks

Abstract: Research highlights? We present three kinds of genetic fuzzy systems for intrusion detection problem. ? These IDSs can detect normal and abnormal behaviors in computer networks efficiently. ? Computer simulations demonstrate high performance of the proposed IDSs.? GFSs are able to develop accurate and also interpretable intrusion detection systems. The capability of fuzzy systems to solve different kinds of problems has been demonstrated in several previous investigations. Genetic fuzzy systems (GFSs) hybridize the approximate reasoning method of fuzzy systems with the learning capability of evolutionary algorithms. The objective of this paper is to design and analysis of various kinds of genetic fuzzy systems to deal with intrusion detection problem as a new real-world application area which is not previously tackled with GFSs. The resulted intrusion detection system would be capable of detecting normal and abnormal behaviors in computer networks. We have presented three kinds of genetic fuzzy systems based on Michigan, Pittsburgh and iterative rule learning (IRL) approaches to deal with intrusion detection as a high-dimensional classification problem. Experiments were performed with DARPA data sets which have information on computer networks, during normal and intrusive behaviors. The paper presents some results and compares the performance of different generated fuzzy rule sets in detecting intrusion in a computer network according to three different types of genetic fuzzy systems.

Intrusions detection based on Support Vector Machine optimized with swarm intelligence

Abstract: Intrusion Detection Systems(IDS) have become a necessary component of almost every security infrastructure. Recently, Support Vector Machines (SVM) has been employed to provide potential solutions for IDS. With its many variants for classification SVM is a state-of-the-art machine learning algorithm. However, the performance of SVM depends on selection of the appropriate parameters. In this paper we propose an IDS model based on Information Gain for feature selection combined with the SVM classifier. The parameters for SVM will be selected by a swarm intelligence algorithm (Particle Swarm Optimization or Artificial Bee Colony). We use the NSL-KDD data set and show that our model can achieve higher detection rate and lower false alarm rate than regular SVM.