Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks

B. Shanmugam; N.B. Idris

doi:10.1109/SoCPaR.2009.51

Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › Research › peer-review

Abstract

Currently available intrusion detection systems focus mainly on determining uncharacteristic system events in distributed networks using signature based approach. Due to its limitation of finding novel attacks, we propose a hybrid model based on improved fuzzy and data mining techniques, which can detect both misuse and anomaly attacks. The aim of our research is to reduce the amount of data retained for processing i.e., attribute selection process and also to improve the detection rate of the existing IDS using data mining technique. We then use improved Kuok fuzzy data mining algorithm, which in turn a modified version of APRIORI algorithm, for implementing fuzzy rules, which allows us to construct if-then rules that reflect common ways of describing security attacks. We applied fuzzy inference engine using mamdani inference mechanism with three variable inputs for faster decision making. The proposed model has been tested and benchmarked against DARPA 1999 data set for its efficiency and also tested against the "live" networking environment inside the campus and the results has been discussed. © 2009 IEEE.

Original language	English
Title of host publication	SoCPaR 2009 - Soft Computing and Pattern Recognition
Pages	212-217
Number of pages	6
DOIs	https://doi.org/10.1109/SoCPaR.2009.51
Publication status	Published - 2009
Externally published	Yes
Event	International Conference on Soft Computing and Pattern Recognition - Malacca; Malaysia Duration: 4 Dec 2009 → 7 Dec 2009

Conference

Conference	International Conference on Soft Computing and Pattern Recognition
Abbreviated title	SoCPaR 2009
Period	4/12/09 → 7/12/09

Fingerprint

Intrusion detection

Fuzzy logic

Data mining

Inference engines

Fuzzy inference

Fuzzy rules

Decision making

Processing

Cite this

Shanmugam, B., & Idris, N. B. (2009). Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks. In SoCPaR 2009 - Soft Computing and Pattern Recognition (pp. 212-217) https://doi.org/10.1109/SoCPaR.2009.51

Shanmugam, B. ; Idris, N.B. / Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks. SoCPaR 2009 - Soft Computing and Pattern Recognition. 2009. pp. 212-217

@inproceedings{c4fcd59a014a4cf281b1fa2f8c7a5fd4,

title = "Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks",

abstract = "Currently available intrusion detection systems focus mainly on determining uncharacteristic system events in distributed networks using signature based approach. Due to its limitation of finding novel attacks, we propose a hybrid model based on improved fuzzy and data mining techniques, which can detect both misuse and anomaly attacks. The aim of our research is to reduce the amount of data retained for processing i.e., attribute selection process and also to improve the detection rate of the existing IDS using data mining technique. We then use improved Kuok fuzzy data mining algorithm, which in turn a modified version of APRIORI algorithm, for implementing fuzzy rules, which allows us to construct if-then rules that reflect common ways of describing security attacks. We applied fuzzy inference engine using mamdani inference mechanism with three variable inputs for faster decision making. The proposed model has been tested and benchmarked against DARPA 1999 data set for its efficiency and also tested against the {"}live{"} networking environment inside the campus and the results has been discussed. {\circledC} 2009 IEEE.",

keywords = "Apriori, Fuzzy logic, Hybrid system, Intrusion detection, Apriori algorithms, Attribute selection, Data mining techniques, Data sets, Detection rates, Distributed networks, Fuzzy-data mining, Hybrid model, If-then rules, Intrusion Detection Systems, Mamdani inference, Networking environment, Security attacks, Signature-based approach, Computer crime, Data mining, Data processing, Electric grounding, Fuzzy inference, Fuzzy systems, Hybrid computers, Hybrid systems, Industrial research, Pattern recognition, Soft computing",

author = "B. Shanmugam and N.B. Idris",

year = "2009",

doi = "10.1109/SoCPaR.2009.51",

language = "English",

isbn = "978-076953879-2",

pages = "212--217",

booktitle = "SoCPaR 2009 - Soft Computing and Pattern Recognition",

}

Shanmugam, B & Idris, NB 2009, Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks. in SoCPaR 2009 - Soft Computing and Pattern Recognition. pp. 212-217, International Conference on Soft Computing and Pattern Recognition, 4/12/09. https://doi.org/10.1109/SoCPaR.2009.51

Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks. / Shanmugam, B.; Idris, N.B.

SoCPaR 2009 - Soft Computing and Pattern Recognition. 2009. p. 212-217.

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › Research › peer-review

TY - GEN

T1 - Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks

AU - Shanmugam, B.

AU - Idris, N.B.

PY - 2009

Y1 - 2009

N2 - Currently available intrusion detection systems focus mainly on determining uncharacteristic system events in distributed networks using signature based approach. Due to its limitation of finding novel attacks, we propose a hybrid model based on improved fuzzy and data mining techniques, which can detect both misuse and anomaly attacks. The aim of our research is to reduce the amount of data retained for processing i.e., attribute selection process and also to improve the detection rate of the existing IDS using data mining technique. We then use improved Kuok fuzzy data mining algorithm, which in turn a modified version of APRIORI algorithm, for implementing fuzzy rules, which allows us to construct if-then rules that reflect common ways of describing security attacks. We applied fuzzy inference engine using mamdani inference mechanism with three variable inputs for faster decision making. The proposed model has been tested and benchmarked against DARPA 1999 data set for its efficiency and also tested against the "live" networking environment inside the campus and the results has been discussed. © 2009 IEEE.

AB - Currently available intrusion detection systems focus mainly on determining uncharacteristic system events in distributed networks using signature based approach. Due to its limitation of finding novel attacks, we propose a hybrid model based on improved fuzzy and data mining techniques, which can detect both misuse and anomaly attacks. The aim of our research is to reduce the amount of data retained for processing i.e., attribute selection process and also to improve the detection rate of the existing IDS using data mining technique. We then use improved Kuok fuzzy data mining algorithm, which in turn a modified version of APRIORI algorithm, for implementing fuzzy rules, which allows us to construct if-then rules that reflect common ways of describing security attacks. We applied fuzzy inference engine using mamdani inference mechanism with three variable inputs for faster decision making. The proposed model has been tested and benchmarked against DARPA 1999 data set for its efficiency and also tested against the "live" networking environment inside the campus and the results has been discussed. © 2009 IEEE.

KW - Apriori

KW - Fuzzy logic

KW - Hybrid system

KW - Intrusion detection

KW - Apriori algorithms

KW - Attribute selection

KW - Data mining techniques

KW - Data sets

KW - Detection rates

KW - Distributed networks

KW - Fuzzy-data mining

KW - Hybrid model

KW - If-then rules

KW - Intrusion Detection Systems

KW - Mamdani inference

KW - Networking environment

KW - Security attacks

KW - Signature-based approach

KW - Computer crime

KW - Data mining

KW - Data processing

KW - Electric grounding

KW - Fuzzy inference

KW - Fuzzy systems

KW - Hybrid computers

KW - Hybrid systems

KW - Industrial research

KW - Pattern recognition

KW - Soft computing

U2 - 10.1109/SoCPaR.2009.51

DO - 10.1109/SoCPaR.2009.51

M3 - Conference Paper published in Proceedings

SN - 978-076953879-2

SP - 212

EP - 217

BT - SoCPaR 2009 - Soft Computing and Pattern Recognition

ER -

Shanmugam B, Idris NB. Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks. In SoCPaR 2009 - Soft Computing and Pattern Recognition. 2009. p. 212-217 https://doi.org/10.1109/SoCPaR.2009.51

Access to Document

10.1109/SoCPaR.2009.51

https://www.scopus.com/inward/record.uri?eid=2-s2.0-77649302479&doi=10.1109%2fSoCPaR.2009.51&partnerID=40&md5=6c56bb3668912bfa85c46f2f6a00b13c