Conference Paper

Intrusion detection system based on fuzzy default logic

Dept. of Comput. Sci. & Technol., Southeast Univ., Nanjing, China
DOI: 10.1109/FUZZ.2003.1206627 Conference: Fuzzy Systems, 2003. FUZZ '03. The 12th IEEE International Conference on, Volume: 2
Source: IEEE Xplore

ABSTRACT Current IDSs usually have several shortcomings. First, the speed and sensitivity of detection are not so ideal. Secondly, the response system lacks the ability to correct errors. Thirdly, the cost of intrusion detection is not considered, that is, the response policy is static. This paper applies fuzzy default theory to transform reasoning and response engine of IDS, based on the proving of IDS as non-monotonic, and set up an intelligent IDS-FDL-IDS. The experiment result showed that FDL-IDS increased the detection speed and sensitivity and decreased the cumulative cost as compared with traditional intrusion detection expert system.

0 Followers
 · 
104 Views
 · 
1 Download
  • Source
    • "Based on IDSs, most of the works conducted in the literature falls into two key parts: detection model and generation and intrusion features selection. For detection model and generation, numerous machine learning methods are adopted to build efficient detection models such as Fuzzy Logic (FL) [8] [9], Genetic Algorithms (GAs) [10] [11] [12], Neural Networks (NNs) [13] [14] [15], and Support Vector Machines (SVMs) [16] [17] [18]. For intrusion features selection, many research works have tried to select the important intrusion features using different approaches such as NNs [19] [20], GAs [21] [22] [23] [24], SVMs [25] [26], and other optimization tools [1] [2]. "
    [Show abstract] [Hide abstract]
    ABSTRACT: A distributed nonlinear estimation method based on soft-data-constrained multimodel particle filtering and applicable to a number of distributed state estimation problems is proposed. This method needs only local data exchange among neighboring sensor nodes and thus provides enhanced reliability, scalability, and ease of deployment. To make the multimodel particle filtering work in a distributed manner, a Gaussian approximation of the particle cloud obtained at each sensor node and a consensus propagation-based distributed data aggregation scheme are used to dynamically reweight the particles' weights. The proposed method can recover from failure situations and is robust to noise, since it keeps the same population of particles and uses the aggregated global Gaussian to infer constraints. The constraints are enforced by adjusting particles' weights and assigning a higher mass to those closer to the global estimate represented by the nodes in the entire sensor network after each communication step. Each sensor node experiences gradual change; i.e., if a noise occurs in the system, the node, its neighbors, and consequently the overall network are less affected than with other approaches, and thus recover faster. The efficiency of the proposed method is verified through extensive simulations for a target tracking system which can process both soft and hard data in sensor networks.
    Cybernetics, IEEE Transactions on 06/2014; 45(3). DOI:10.1109/TCYB.2014.2326549 · 3.47 Impact Factor
  • Source
    • "Based on IDSs, most of the works conducted in the literature falls into two key parts: detection model and generation and intrusion features selection. For detection model and generation, numerous machine learning methods are adopted to build efficient detection models such as Fuzzy Logic (FL) [8] [9], Genetic Algorithms (GAs) [10] [11] [12], Neural Networks (NNs) [13] [14] [15], and Support Vector Machines (SVMs) [16] [17] [18]. For intrusion features selection, many research works have tried to select the important intrusion features using different approaches such as NNs [19] [20], GAs [21] [22] [23] [24], SVMs [25] [26], and other optimization tools [1] [2]. "
    [Show abstract] [Hide abstract]
    ABSTRACT: Intrusion Detection Systems (IDSs) deal with large amount of data containing irrelevant and redundant features, which leads to slow training and testing processes, heavy computational resources and low detection accuracy. Therefore, the features selection is an important issue in intrusion detection. In this paper, we investigate the use of evolution algorithms for features selection approach in IDS. We compared the performance of three feature selection algorithms: Genetic Algorithms (GAs), Particle Swarm Optimization (PSO) and Differential Evolution (DE) using KDD Cup 1999 dataset. Our results show that DE is clearly and consistently superior compared to GAs and PSO for feature selection problems, both in respect to classification accuracy as well as number of features.
    Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication; 01/2013
  • [Show abstract] [Hide abstract]
    ABSTRACT: The function of intrusion detection systems without a timely response against intrusions and threats will be largely limited even they can detect attacks and generate alarms. A comprehensive security solution usually has a timely countermeasure against intrusions. IDSs aim to cover vulnerabilities by detecting different attack types, some of which can be responded by hand. The manual response, however, can not protect the system against fast attacks such as highly distributed DDoS attacks. Since it is impossible to provide a highly efficient way of responding to highspeed threats manually, automated response is proposed. In this chapter, we discuss in details different response approaches.
Show more

Preview

Download
1 Download
Available from