Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks

B. Shanmugam, N.B. Idris

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in Proceedings

Abstract

Currently available intrusion detection systems focus mainly on determining uncharacteristic system events in distributed networks using signature based approach. Due to its limitation of finding novel attacks, we propose a hybrid model based on improved fuzzy and data mining techniques, which can detect both misuse and anomaly attacks. The aim of our research is to reduce the amount of data retained for processing i.e., attribute selection process and also to improve the detection rate of the existing IDS using data mining technique. We then use improved Kuok fuzzy data mining algorithm, which in turn a modified version of APRIORI algorithm, for implementing fuzzy rules, which allows us to construct if-then rules that reflect common ways of describing security attacks. We applied fuzzy inference engine using mamdani inference mechanism with three variable inputs for faster decision making. The proposed model has been tested and benchmarked against DARPA 1999 data set for its efficiency and also tested against the "live" networking environment inside the campus and the results has been discussed. © 2009 IEEE.
Original languageEnglish
Title of host publicationSoCPaR 2009 - Soft Computing and Pattern Recognition
Pages212-217
Number of pages6
DOIs
Publication statusPublished - 2009
Externally publishedYes
EventInternational Conference on Soft Computing and Pattern Recognition - Malacca; Malaysia
Duration: 4 Dec 20097 Dec 2009

Conference

ConferenceInternational Conference on Soft Computing and Pattern Recognition
Abbreviated titleSoCPaR 2009
Period4/12/097/12/09

Fingerprint Dive into the research topics of 'Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks'. Together they form a unique fingerprint.

  • Cite this