SNORT is a popular Network Intrusion Detection System (NIDS) that identifies attacks with a custom rule-based language. This presentation focuses on an algorithm that generates such rules with a Genetic Algorithm (GA), and on integrating the resulting rules into nProbe, a network monitoring tool written by Luca Deri that offers a plug-in architecture.
Genetic Algorithms depend on identifying attributes that describe a problem and on evolving a population toward a desired solution. Here the problem is an attack carried over the network, and the attack is identified through the attributes of a connection. Genetic Algorithms also depend on training data: the DARPA intrusion detection datasets provide connection records labelled as attack or normal, alongside the corresponding raw captured traffic in tcpdump format. nProbe's plug-in architecture allows it to be customized.
This presentation explains original C code that evolves rules. It uses the same chromosome attributes used by Gong, and the results are verified against and contrasted with Gong's research. It also presents the code that integrates the evolved rules into nProbe.
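To make the approach sketched above concrete, the following is an added example written for this page; it is not the presentation's C code, not nProbe plug-in code, and not Gong's implementation. It evolves a single conjunctive rule over connection attributes (protocol, destination port, maximum duration, minimum bytes sent), where each gene may be a wildcard. The connection records are constructed for the example, not taken from the DARPA data, and the fitness function (fraction of attacks matched minus fraction of normal connections matched) is an assumption chosen for illustration rather than the formula used in the presentation.

```python
import random

# Constructed training records (NOT DARPA data): (proto, dst_port, duration_s, src_bytes, label).
# The "attack" rows model a short, high-volume telnet brute force; the normal rows include a
# long legitimate telnet session so that destination port alone is not a perfect discriminator.
RECORDS = [
    ("tcp", 23, 0.4, 900, "attack"),
    ("tcp", 23, 0.8, 1200, "attack"),
    ("tcp", 23, 0.2, 850, "attack"),
    ("tcp", 23, 1.0, 2000, "attack"),
    ("tcp", 23, 0.5, 950, "attack"),
    ("tcp", 23, 0.9, 1100, "attack"),
    ("tcp", 80, 3.0, 400, "normal"),
    ("tcp", 80, 0.5, 300, "normal"),
    ("udp", 53, 0.1, 60, "normal"),
    ("tcp", 23, 120.0, 2400, "normal"),   # legitimate interactive telnet session
    ("tcp", 21, 30.0, 700, "normal"),
    ("icmp", 0, 0.0, 64, "normal"),
    ("tcp", 443, 2.0, 1500, "normal"),
    ("udp", 53, 0.2, 70, "normal"),
    ("tcp", 80, 0.3, 900, "normal"),
    ("tcp", 22, 60.0, 5000, "normal"),
]

# Chromosome: one gene per attribute; None is a wildcard. Allowed values are assumed for the example.
GENE_VALUES = [
    [None, "tcp", "udp", "icmp"],   # protocol (exact match)
    [None, 21, 23, 53, 80],         # destination port (exact match)
    [None, 1.0, 5.0, 30.0],         # maximum duration in seconds (duration <= value)
    [None, 100, 500, 800],          # minimum bytes sent by source (src_bytes >= value)
]


def rule_matches(rule, rec):
    """Return True if the connection record satisfies every non-wildcard gene of the rule."""
    proto, port, dur_max, bytes_min = rule
    r_proto, r_port, r_dur, r_bytes, _label = rec
    if proto is not None and r_proto != proto:
        return False
    if port is not None and r_port != port:
        return False
    if dur_max is not None and r_dur > dur_max:
        return False
    if bytes_min is not None and r_bytes < bytes_min:
        return False
    return True


def fitness(rule, records=RECORDS):
    """Assumed fitness: detection rate minus false-positive rate, so a perfect rule scores 1.0."""
    attacks = [r for r in records if r[4] == "attack"]
    normals = [r for r in records if r[4] == "normal"]
    tp = sum(rule_matches(rule, r) for r in attacks)
    fp = sum(rule_matches(rule, r) for r in normals)
    return tp / len(attacks) - fp / len(normals)


def random_rule(rng):
    return tuple(rng.choice(values) for values in GENE_VALUES)


def crossover(a, b, rng):
    """Uniform crossover: each gene is taken from either parent with equal probability."""
    return tuple(a[i] if rng.random() < 0.5 else b[i] for i in range(len(GENE_VALUES)))


def mutate(rule, rng, rate=0.25):
    """Re-draw each gene from its allowed values with probability `rate`."""
    return tuple(rng.choice(GENE_VALUES[i]) if rng.random() < rate else g
                 for i, g in enumerate(rule))


def tournament(pop, scores, rng, k=3):
    """Pick k random individuals and return the fittest of them."""
    idx = rng.sample(range(len(pop)), k)
    return pop[max(idx, key=lambda i: scores[i])]


def evolve(records=RECORDS, pop_size=40, generations=80, seed=1):
    """Evolve a rule population with elitism, tournament selection, crossover and mutation."""
    rng = random.Random(seed)
    pop = [random_rule(rng) for _ in range(pop_size)]
    for _ in range(generations):
        scores = [fitness(r, records) for r in pop]
        elite = pop[max(range(pop_size), key=scores.__getitem__)]
        nxt = [elite]  # elitism: the best rule always survives unchanged
        while len(nxt) < pop_size:
            parent_a = tournament(pop, scores, rng)
            parent_b = tournament(pop, scores, rng)
            nxt.append(mutate(crossover(parent_a, parent_b, rng), rng))
        pop = nxt
    scores = [fitness(r, records) for r in pop]
    return pop[max(range(pop_size), key=scores.__getitem__)]


def describe_rule(rule):
    """Render a chromosome as a readable conjunction of conditions."""
    names = ["proto == {}", "dst_port == {}", "duration <= {}", "src_bytes >= {}"]
    parts = [fmt.format(g) for fmt, g in zip(names, rule) if g is not None]
    return " AND ".join(parts) if parts else "<match all>"


if __name__ == "__main__":
    best = evolve()
    print(describe_rule(best), "fitness =", fitness(best))
```

On this data, destination port 23 alone scores 0.9 because of the legitimate telnet session; only a rule that also bounds the duration (or pins the protocol, which the wildcard already covers) reaches 1.0, which is the kind of distinction a hand-written SNORT rule on port alone would miss.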