Abstract

With the development of the Internet, technological innovation and the availability of information emerged new computer security threats. The researchers are developing new systems known as Intrusion Detection Systems IDSs for detecting the known and unknown attacks.  IDS have  two approaches depending on the detecting theories: Misuse Detection and Anomaly Detection. This paper aims to design and implement  a misuse  network intrusion detection system based on Genetic Algorithm. The efficiency of using GA for building IDS based on NSL-KDD is verified. For rules generation NSL-KDD Data Set is used which include, KDDTrain and KDDTest, 125973 and 22544 records respectively, each record  consists of 41 features and one class attribute for specifying   normal and abnormal connection (complete train and test data are used), In order to get rid of redundancy and inappropriate features Principal  Component Analysis (PCA) is used for selecting (5)  features. Number of experiments have been done. The experimental results show that the proposed system based on GA and using PCA (for selecting five features)  on NSL-KDD able to speed up the process of intrusion detection and to minimize the CPU time cost and reducing time for training and testing, that the detection rate: 91.6%  and false alarm is: 0% and classification rate  (DoS 93.48 %), (Normal 99.52%) , (Probe 81.16%), (R2L 69.47%), (U2R 32.84%). C# programming language is used for system implementation.