Network Anomaly Detection System using Genetic Algorithm, Feature Selection and Classification

Abstract

Networks are dangerous environments with containing numerous security vulnerabilities and those vulnerabilities are likely to be used while attacking systems with the intent of stealing valuable information or stopping the services. A system should be protected from already-known types of attacks and also have ability to detect unknown types of attacks to prevent abduction of the information. Unknown types of attacks may give harm to the system by stopping the services that runs effective and stable. For that purpose, it has become necessary to develop a flexible and adaptable system which can collect instant data from the network, distinguish between harmless and harmful behaviors and take measures against them. The main goal of this work is to explain a network anomaly detection system that is developed using genetic algorithm and Weka classification features to fulfill the purposes stated above. The Genetic Algorithm is used to generate various individuals with the aim of determining which attributes of the individual are providing a better result about learning the behavioral pattern of the network traffic. Furthermore, Weka classifiers are applied to the train and test datasets to calculate the best fitness value, and to decide on individual's attributes that are more effective about finding the anomaly occurring in a given instant.