
Computer Engineering ›› 2006, Vol. 32 ›› Issue (2): 137-139.

• Security Technology •

Research on an Algorithm for Automatic Extraction of Intrusion Detection Rules Based on Improved GP

FU Zhongqian, WANG Zaijian, LI Bin, ZHUANG Zhenquan

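  1. Department of Electronic Science and Technology, University of Science and Technology of China, Hefei 230027
  • Publication date: 2006-01-20 Release date: 2006-01-20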

Research on Arithmetic in Distilling Intrusion Detection Rules Automatic Distilling Based on Improved GP

FU Zhongqian, WANG Zaijian, LI Bin, ZHUANG Zhenquan   

  1. Department of Electronic Science and Technology, University of Science and Technology of China, Hefei 230027
  • Online: 2006-01-20 Published: 2006-01-20

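Abstract: An improved GP is applied to the automatic extraction of intrusion detection rules. GP's flexible representation of individuals yields rules in a natural description, which makes them easy to understand, and GP's global optimization ability yields better intrusion detection rules, thereby lowering the false alarm rate and the missed detection rate. The improvements to GP are twofold: (1) the semantic rules in the individual representation are improved according to the characteristics of intrusion detection rules; (2) an improved fitness function. Finally, experimental results are given and compared with similar experimental results in other literature, demonstrating the effectiveness and advancement of the improved GP.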

Keywords: GP; intrusion detection; data mining; fitness function

Abstract: This paper improves GP and applies it to the extraction of intrusion detection rules. It uses the flexible encoding of GP to obtain naturally expressed rules, so that the rules are easy to understand, and uses GP's powerful search performance to obtain better intrusion detection rules, in order to reduce the false alarm rate (FA) and the missed detection rate. The method has two characteristics: (1) improved syntactic restrictions according to the characteristics of intrusion detection rules, (2) an improved fitness function. Finally, it presents experimental results and compares them with those of other papers, demonstrating the method's validity and advantages.

Key words: GP; Intrusion detection; Data mining; Fitness function