Open AccessNetwork Intrusion Detection Based on Directed Acyclic Graph and Belief Rule Base
Author(s) -
Zhang BangCheng,
Hu GuanYu,
Zhou ZhiJie,
Zhang YouMin,
Qiao PeiLi,
Chang LeiLei
Publication year - 2017
Publication title -
etri journal
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.295
H-Index - 46
eISSN - 2233-7326
pISSN - 1225-6463
DOI - 10.4218/etrij.17.0116.0305
Subject(s) - directed acyclic graph , computer science , intrusion detection system , directed graph , constraint (computer aided design) , data mining , artificial intelligence , algorithm , mathematics , geometry
Intrusion detection is very important for network situation awareness. While a few methods have been proposed to detect network intrusion, they cannot directly and effectively utilize semi‐quantitative information consisting of expert knowledge and quantitative data. Hence, this paper proposes a new detection model based on a directed acyclic graph ( DAG ) and a belief rule base ( BRB ). In the proposed model, called DAG ‐ BRB , the DAG is employed to construct a multi‐layered BRB model that can avoid explosion of combinations of rule number because of a large number of types of intrusion. To obtain the optimal parameters of the DAG ‐ BRB model, an improved constraint covariance matrix adaption evolution strategy ( CMA ‐ ES ) is developed that can effectively solve the constraint problem in the BRB . A case study was used to test the efficiency of the proposed DAG ‐ BRB . The results showed that compared with other detection models, the DAG ‐ BRB model has a higher detection rate and can be used in real networks.