A fuzzy model for network intrusion detection

The network intrusion becomes ever growing problem. The complexity present in the collected network data set is absence of clear boundary between anomaly connection and normal connection. However fuzzy logic can well address this problem. In earlier works, combining fuzzy logic and data mining to develop fuzzy rules are explored to address this problem. In this paper, a new fuzzy model is developed to detect anomaly connections. The developed model is tested with NSLKDD data set. The model gives better result. | International Journal of Computer Networks and Communications Security C VOL. 2, NO. 5, MAY 2014, 168–172 Available online at: ISSN 2308-9830 N C S A Fuzzy Model for Network Intrusion Detection and 1 Associate Professor and Head, Department of CS, Aditanar College, Tiruchendur 2 Professor and Head, Department of CSE, Hindustan Univesity, Chennai E-mail: 1seesay@, 2ern_jo@ ABSTRACT The network intrusion becomes ever growing problem. The complexity present in the collected network data set is absence of clear boundary between anomaly connection and normal connection. However fuzzy logic can well address this problem. In earlier works, combining fuzzy logic and data mining to develop fuzzy rules are explored to address this problem. In this paper, a new fuzzy model is developed to detect anomaly connections. The developed model is tested with NSLKDD data set. The model gives better result. Keywords: Network intrusion ,anomaly detection, fuzzy model, 10-fold cross validation. 1 INTRODUCTION As defined in [1], intrusion detection is “the process of monitoring the events occurring in a computer system or network and analyzing them for signs of intrusions, defined as attempts to compromise the confidentiality, integrity, availability, or to bypass the security mechanisms of a computer or network”. In a computer network, there are two main intrusion detection systems - Anomaly intrusion detection system and misuse intrusion detection system. The first one is based on the profiles of normal behaviour of users or applications and checks whether the system is being used in a different manner. The second one collects attack signatures, compares behaviour with the collected attack signatures and signals intrusion when there is a match [2]. System with characteristics such as impreciseness, vagueness and ambiguity make the system more complex. If these characteristics can be represented .

Không thể tạo bản xem trước, hãy bấm tải xuống
TÀI LIỆU MỚI ĐĂNG
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.