A Novel Intelligent Intrusion Detection, Decision, Response System.
ABSTRACT This paper proposed a novel intelligent intrusion detection, decision, response system with fuzzy theory. This system utilized the two essential informations: times and time, of the failed login to decide automatically whether this login is a misuse user as alike as experienced system/security administrators. The database of this system isn't preestablished before working but is built and updated automatically during working. And this system is not only notification system but gives the exact and rapid decision and response to a misuse.
- SourceAvailable from: Fakhri Karray
- "The Response Component: It reports intrusions and takes other responses such as isolation, changing logging information or disconnection, etc. In general, the intrusion response systems can be categorized depending on different criteria such as: degree of autonomous, activity of triggered response, ability to adjust, time response, cooperation ability, and response selection method  . "
Conference Paper: TCP/IP Model and Intrusion Detection Systems[Show abstract] [Hide abstract]
ABSTRACT: To accommodate the information security growth and hacker's improved strategies and tools, intrusion detection systems (IDSs) are required to be allocated across the network. Furthermore, previous studies showed that the choice of network features used for the IDS is dependent on the type of the attack. Accordingly, each TCP/IP network layer has specific type of network attacks, which means that each TCP/IP network layer needs a specific type of IDS. This paper proposes a new categorization for IDS depending on the TCP/IP network model: application layer IDS (AIDS), transport layer IDS (TIDS), network layer IDS (NIDS) and link layer IDS (LIDS). Each of these IDS types is specialized to a specific network device. So, the detection process will be distributed among all TCP/IP network model layers through the network devices. To design each of these different types of IDS, several experiments have been conducted using two different features selection approaches to select the appropriate features set for each IDS type. The experimental results indicate that each IDS type has different features set that can not only improve the overall performance of the IDS, but it also can improve its scalability.23rd International Conference on Advanced Information Networking and Applications, AINA 2009, Workshops Proceedings, Bradford, United Kingdom, May 26-29, 2009; 01/2009
[Show abstract] [Hide abstract]
- "These aforementioned problems damage the celerity, dynamicity, reliability and robustity of the systems and limit the effectiveness of the systems. In the Reference , we proposed one novel intelligent intrusion detection, decision, response system (I 2 D 2 RS) with fuzzy rule-base method. This I 2 D 2 RS utilizes the two essential informations of the failed login's users: the failed login's times and time, to decide automatically who is a normal user and who is a intrusive user from the failed login's users using the fuzzy rules built on the measures and skills of the experienced system/security administrators. "
ABSTRACT: Neural networks have good learning and associative memory abilities and have been widely applied to var-ious fields. We employed the Backpropagation Neural Network (BPNN) to replace the fuzzy methods of the Intelligent Intrusion Detection, Decision, Response System (I 2 D 2 RS)  to decide the intrusion. Through this improvement the processing of the system was simplified and the performance of the system was enhanced in the intrusion decision. The effectivities of these improvements were confirmed with the experiments.
Conference Paper: Application of Neuro-Fuzzy Approach for I2D2RS[Show abstract] [Hide abstract]
ABSTRACT: In this paper, one backpropagation neural network (BPNN) was utilized to classify the grades of periodicity of the time intervals that is one of the most important evidence of the intrusion decision in the intelligent intrusion detection, decision, response system (I<sup>2</sup>D<sup>2</sup>RS) for resolving its problems: multi-inputs/outputs, non-linearing and complexity. Neural network is good at processing these problems. And for the Neuro-Fuzzy approach was introduced in the I<sup>2</sup>D<sup>2</sup>RS the fuzzy rules was simplified and the system's processing speed was accelerated.Innovative Computing, Information and Control, 2007. ICICIC '07. Second International Conference on; 10/2007