Conference Paper

Intrusion detection system based on fuzzy default logic

Dept. of Comput. Sci. & Technol., Southeast Univ., Nanjing, China
DOI: 10.1109/FUZZ.2003.1206627
Conference: Fuzzy Systems, 2003. FUZZ '03. The 12th IEEE International Conference on, Volume: 2
Source: IEEE Xplore

ABSTRACT: Current IDSs usually have several shortcomings. First, the speed and sensitivity of detection are not ideal. Second, the response system lacks the ability to correct errors. Third, the cost of intrusion detection is not considered; that is, the response policy is static. This paper applies fuzzy default theory to transform the reasoning and response engines of the IDS, based on a proof that the IDS is non-monotonic, and sets up an intelligent IDS, FDL-IDS. The experimental results showed that FDL-IDS increased detection speed and sensitivity and decreased the cumulative cost compared with a traditional intrusion detection expert system.

  • ABSTRACT: A distributed nonlinear estimation method based on soft-data-constrained multimodel particle filtering and applicable to a number of distributed state estimation problems is proposed. This method needs only local data exchange among neighboring sensor nodes and thus provides enhanced reliability, scalability, and ease of deployment. To make the multimodel particle filtering work in a distributed manner, a Gaussian approximation of the particle cloud obtained at each sensor node and a consensus propagation-based distributed data aggregation scheme are used to dynamically reweight the particles' weights. The proposed method can recover from failure situations and is robust to noise, since it keeps the same population of particles and uses the aggregated global Gaussian to infer constraints. The constraints are enforced by adjusting particles' weights and assigning a higher mass to those closer to the global estimate represented by the nodes in the entire sensor network after each communication step. Each sensor node experiences gradual change; i.e., if a noise occurs in the system, the node, its neighbors, and consequently the overall network are less affected than with other approaches, and thus recover faster. The efficiency of the proposed method is verified through extensive simulations for a target tracking system which can process both soft and hard data in sensor networks.
    IEEE transactions on cybernetics. 06/2014;
  • ABSTRACT: The importance of fuzzy logic (FL) in approximate reasoning, and that of default logic (DL) in reasoning with incomplete information, is well established. Also, the need for a commonsense reasoning framework that handles both these aspects has been widely anticipated. The purpose of this paper is to show that fuzzyfied default logic (FDL) is an attempt at creating such a framework. The basic syntax, semantics, unique characteristics and examples of its complex reasoning abilities are presented in this paper. Interestingly, FDL turns out to be a generalization of traditional DL, with even better support for non-monotonic reasoning. The paper presents a generalized tool for commonsense reasoning which can be used for inference under incomplete information.
    International Journal of Intelligent Computing and Cybernetics 03/2011; 4(1).
  • ABSTRACT: Slow port scan attack detection is one of the important topics in network security. We suggest an abnormal traffic control framework to detect slow port scan attacks using fuzzy rules. The abnormal traffic control framework acts as an intrusion prevention system for suspicious network traffic. It manages traffic with a stepwise policy: first decreasing network bandwidth and then discarding traffic. In this paper, we show that our abnormal traffic control framework effectively detects slow port scan attack traffic using fuzzy rules and a stepwise policy.
    Journal of Korean Institute of Intelligent Systems. 10/2008; 18(5).

