Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks

B. Shanmugam, N.B. Idris

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › Research › peer-review

Abstract

Currently available intrusion detection systems focus mainly on determining uncharacteristic system events in distributed networks using a signature-based approach. Because this approach is limited in finding novel attacks, we propose a hybrid model based on improved fuzzy and data mining techniques, which can detect both misuse and anomaly attacks. The aim of our research is to reduce the amount of data retained for processing (i.e., the attribute selection process) and also to improve the detection rate of the existing IDS using data mining techniques. We then use an improved Kuok fuzzy data mining algorithm, which is in turn a modified version of the APRIORI algorithm, for implementing fuzzy rules, which allows us to construct if-then rules that reflect common ways of describing security attacks. We applied a fuzzy inference engine using the Mamdani inference mechanism with three variable inputs for faster decision making. The proposed model has been tested and benchmarked against the DARPA 1999 data set for its efficiency and also tested against the "live" networking environment inside the campus, and the results have been discussed. © 2009 IEEE.
Original language: English
Title of host publication: SoCPaR 2009 - Soft Computing and Pattern Recognition
Pages: 212-217
Number of pages: 6
DOIs: https://doi.org/10.1109/SoCPaR.2009.51
Publication status: Published - 2009
Externally published: Yes
Event: International Conference on Soft Computing and Pattern Recognition - Malacca; Malaysia
Duration: 4 Dec 2009 → 7 Dec 2009

Conference

Conference: International Conference on Soft Computing and Pattern Recognition
Abbreviated title: SoCPaR 2009
Period: 4/12/09 → 7/12/09

Fingerprint

Intrusion detection
Fuzzy logic
Data mining
Inference engines
Fuzzy inference
Fuzzy rules
Decision making
Processing

Cite this

Shanmugam, B. ; Idris, N.B. / Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks. SoCPaR 2009 - Soft Computing and Pattern Recognition. 2009. pp. 212-217
@inproceedings{c4fcd59a014a4cf281b1fa2f8c7a5fd4,
title = "Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks",
abstract = "Currently available intrusion detection systems focus mainly on determining uncharacteristic system events in distributed networks using signature based approach. Due to its limitation of finding novel attacks, we propose a hybrid model based on improved fuzzy and data mining techniques, which can detect both misuse and anomaly attacks. The aim of our research is to reduce the amount of data retained for processing i.e., attribute selection process and also to improve the detection rate of the existing IDS using data mining technique. We then use improved Kuok fuzzy data mining algorithm, which in turn a modified version of APRIORI algorithm, for implementing fuzzy rules, which allows us to construct if-then rules that reflect common ways of describing security attacks. We applied fuzzy inference engine using mamdani inference mechanism with three variable inputs for faster decision making. The proposed model has been tested and benchmarked against DARPA 1999 data set for its efficiency and also tested against the {"}live{"} networking environment inside the campus and the results has been discussed. {\circledC} 2009 IEEE.",
keywords = "Apriori, Fuzzy logic, Hybrid system, Intrusion detection, Apriori algorithms, Attribute selection, Data mining techniques, Data sets, Detection rates, Distributed networks, Fuzzy-data mining, Hybrid model, If-then rules, Intrusion Detection Systems, Mamdani inference, Networking environment, Security attacks, Signature-based approach, Computer crime, Data mining, Data processing, Electric grounding, Fuzzy inference, Fuzzy systems, Hybrid computers, Hybrid systems, Industrial research, Pattern recognition, Soft computing",
author = "B. Shanmugam and N.B. Idris",
year = "2009",
doi = "10.1109/SoCPaR.2009.51",
language = "English",
isbn = "978-076953879-2",
pages = "212--217",
booktitle = "SoCPaR 2009 - Soft Computing and Pattern Recognition",

}

Shanmugam, B & Idris, NB 2009, Improved intrusion detection system using fuzzy logic for detecting anamoly and misuse type of attacks. in SoCPaR 2009 - Soft Computing and Pattern Recognition. pp. 212-217, International Conference on Soft Computing and Pattern Recognition, 4/12/09. https://doi.org/10.1109/SoCPaR.2009.51

