Abstract
Currently available intrusion detection systems focus mainly on determining uncharacteristic system events in distributed networks using signature based approach. Due to its limitation of finding novel attacks, we propose a hybrid model based on improved fuzzy and data mining techniques, which can detect both misuse and anomaly attacks. The aim of our research is to reduce the amount of data retained for processing i.e., attribute selection process and also to improve the detection rate of the existing IDS using data mining technique. We then use improved Kuok fuzzy data mining algorithm, which in turn a modified version of APRIORI algorithm, for implementing fuzzy rules, which allows us to construct if-then rules that reflect common ways of describing security attacks. We applied fuzzy inference engine using mamdani inference mechanism with three variable inputs for faster decision making. The proposed model has been tested and benchmarked against DARPA 1999 data set for its efficiency and also tested against the "live" networking environment inside the campus and the results has been discussed. © 2009 IEEE.
Original language | English |
---|---|
Title of host publication | SoCPaR 2009 - Soft Computing and Pattern Recognition |
Pages | 212-217 |
Number of pages | 6 |
DOIs | |
Publication status | Published - 2009 |
Externally published | Yes |
Event | International Conference on Soft Computing and Pattern Recognition - Malacca; Malaysia Duration: 4 Dec 2009 → 7 Dec 2009 |
Conference
Conference | International Conference on Soft Computing and Pattern Recognition |
---|---|
Abbreviated title | SoCPaR 2009 |
Period | 4/12/09 → 7/12/09 |