Detectors Tuning in the Intelligent Intrusion Detection Systems

Modern Intrusion Detection and Prevention Systems operate on large amounts of data. Most host-based systems can analyze a large number of traffic features in real time. Network-based systems, however, cannot gather and analyze network connections in the same way because of high network speed and traffic overload. One approach is based on the analysis of intrinsic and statistical traffic features using AI methods, including artificial neural network (ANN) algorithms. This work reviews some aspects of tuning ANN-based detectors. Such tuning is done using genetic algorithms and special fine-tuning algorithms. A comparison with non-tuned detectors is given.
