Abstract
The security policy rules in companies are generally proposed by the Chief Security Officer (CSO), who must, for instance, select by hand which access events are allowed and which ones should be forbidden. In this work we propose a way to automatically obtain rules that generalise these single-event based rules using Genetic Programming (GP), which, besides, should be able to present them in an understandable way. Our GP-based system obtains good dataset coverage and small ratios of false positives and negatives in the simulation results over real data, after testing different fitness functions and configurations in the way of coding the individuals.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Ali, S., Qureshi, M.N., Abbasi, A.G.: Analysis of BYOD security frameworks. In: 2015 Conference on Information Assurance and Cyber Security (CIACS), pp. 56–61. IEEE (2015)
de Arruda Pereira, M., Carrano, E.G., Davis Junior, C.A., de Vasconcelos, J.A.: A comparative study of optimization models in genetic programming-based rule extraction problems. Soft Comput. 23(4), 1179–1197 (2019). https://doi.org/10.1007/s00500-017-2836-8
Back, T.: Evolutionary Algorithms in Theory and Practice: Evolution Strategies, Evolutionary Programming, Genetic Algorithms. Oxford University Press, Oxford (1996)
Castellanos-Garzón, J.A., Ramos, J., Martín, Y.M., de Paz, J.F., Costa, E.: A genetic programming approach applied to feature selection from medical data. In: Fdez-Riverola, F., Mohamad, M.S., Rocha, M., De Paz, J.F., González, P. (eds.) PACBB2018 2018. AISC, vol. 803, pp. 200–207. Springer, Cham (2019). https://doi.org/10.1007/978-3-319-98702-6_24
Derrac, J., García, S., Molina, D., Herrera, F.: A practical tutorial on the use of nonparametric statistical tests as a methodology for comparing evolutionary and swarm intelligence algorithms. Swarm and Evolutionary Computation 1(1), 3–18 (2011). https://doi.org/10.1016/j.swevo.2011.02.002
Espejo, P.G., Ventura, S., Herrera, F.: A survey on the application of genetic programming to classification. IEEE Trans. Syst. Man Cybern. Part C 40(2), 121–144 (2010)
Falco, I.D., Cioppa, A.D., Tarantino, E.: Discovering interesting classification rules with genetic programming. Appl. Soft Comput. 1(4), 257–269 (2002). https://doi.org/10.1016/S1568-4946(01)00024-2. http://www.sciencedirect.com/science/article/pii/S1568494601000242
Freitas, A.A.: Data Mining and Knowledge Discovery with Evolutionary Algorithms. Springer, Heidelberg (2002). https://doi.org/10.1007/978-3-662-04923-5
García-Sánchez, P., Fernández-Ares, A., Mora, A.M., Castillo, P.A., González, J., Guervós, J.J.M.: Tree depth influence in genetic programming for generation of competitive agents for RTS games. In: Esparcia-Alcázar, A.I., Mora, A.M. (eds.) EvoApplications 2014. LNCS, vol. 8602, pp. 411–421. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45523-4_34
Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The WEKA data mining software: an update. SIGKDD Explor. 11(1), 10–18 (2009)
Japkowicz, N., Stephen, S.: The class imbalance problem: a systematic study. Intell. Data Anal. 6(5), 429–449 (2002)
Kaeo, M.: Designing Network Security, 2nd edn. Cisco Press, Indianapolis (2003)
Pietraszek, T., Tanner, A.: Data mining and machine learning - towards reducing false positives in intrusion detection. Inf. Secur. Techn. Rep. 10(3), 169–183 (2005)
Prechelt, L.: PROBEN 1-a set of benchmarks and benchmarking rules for neural network training algorithms (1994)
Safavian, S.R., Landgrebe, D.: A survey of decision tree classifier methodology. IEEE Trans. Syst. Man Cybern. 21(3), 660–674 (1991). https://doi.org/10.1109/21.97458
Tsakonas, A., Dounias, G., Jantzen, J., Axer, H., Bjerregaard, B., von Keyserlingk, D.G.: Evolving rule-based systems in two medical domains using genetic programming. Artif. Intell. Med. 32(3), 195–216 (2004). https://doi.org/10.1016/j.artmed.2004.02.007. http://www.sciencedirect.com/science/article/pii/S0933365704001058. Adaptive Systems and Hybrid Computational Intelligence in Medicine
Witten, I.H., Frank, E.: Data Mining: Practical Machine Learning Tools and Techniques. Morgan Kaufmann, Burlington (2005)
Acknowledgements
This work has been partially funded by projects RTI2018-102002-A-I00 (Ministerio de Ciencia, Innovación y Universidades), TIN2017-85727-C4-2-P (Ministerio español de Economía y Competitividad), and TEC2015-68752 (also funded by FEDER), as well as project B-TIC-402-UGR18 (FEDER y Junta de Andalucía).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
de las Cuevas, P., García-Sánchez, P., Chelly Dagdia, Z., García-Arenas, MI., Merelo Guervós, J.J. (2020). Automatic Rule Extraction from Access Rules Using Genetic Programming. In: Castillo, P.A., Jiménez Laredo, J.L., Fernández de Vega, F. (eds) Applications of Evolutionary Computation. EvoApplications 2020. Lecture Notes in Computer Science(), vol 12104. Springer, Cham. https://doi.org/10.1007/978-3-030-43722-0_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-43722-0_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-43721-3
Online ISBN: 978-3-030-43722-0
eBook Packages: Computer ScienceComputer Science (R0)