Intrusion Detection System Using Hybrid Differential Evolution and Group Method of Data Handling Approach

This paper proposes a new intrusion detection methodology based on hybrid of Differential Evolution (DE) and Group Method of Data Handling (GMDH). It focuses on intrusion detection based on system call sequences using text processing techniques. The hybrid DE-GMDH is used to classify a process as either normal or abnormal. This paper presents the application of PCA and hybrid DE-GMDH to modeling high dimensional bench-mark DARPA-1998 database. For modeling and classifying the data, they adopted this combination of two stage PCA and hybrid DEGMDH procedure. The presented technique shows significantly better results than other existing techniques available in the literature in achieving lower false positive rates at 100% detection rate.