Databases Reference
In-Depth Information
AND
OR
=
>
NOT
C3
IP
<=
0.8
C1
0.6
C2
(AND(OR(> CI 0.8) NOT(<= C2 0.6))(= C3 IP)))
(a)
Mode
Opcode
Target
Source
Source register/Input port reference
Target register reference
Permitted Operations
Instruction type(00-source is a register ID;
01- source is an input port reference)
Mode
Target
Constant
B bits constant
Target register reference
Instruction type(IX - constant)
(b)
Fig. 2.3. Chromosome structures of Tree GP and Linear GP; (a) Tree GP Chromosome
(b) Linear GP Chromosome.
11
2.2.3.
Intrusion detection systems
An intrusion detection system dynamically monitors the events taking place
in a system, such as trac on a network or activities on a host, and decides
whether these events are symptomatic of an attack or constitute a legitimate
use of the system.
15
In general, IDSs fall into two categories according to the detection
methods, namely misuse detection and anomaly detection. Misuse detection
identifies intrusions by matching observed data with pre-defined signatures
of intrusive behavior. So, well-known intrusions can be detected eciently
