Adaptive neuro-fuzzy intrusion detection systems

Chavan, S.; Shah, Khusbu; Dave, Neha; Mukherjee, Sanghamitra; Abraham, Ajith; Sanyal, Sugata

doi:10.1109/itcc.2004.1286428

Cited by 75 publications

(41 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…One of the seminal works on adaptive IDS was done by Lee et al (2000) started with rule-based adaptive IDS. The traditional association rule mining proposed by Lee et al (2000) was replaced by recent rulemining techniques such as Fuzzy Inference and Artificial Neural Network as done by Chavan et al (2004) and Liao et al (2007) and Genetic Algorithm and Learning Classifier System by Shafi and Abbas (2009). Dynamic updating strategy is pursued until now.…”

Section: (D) Manual Updatingmentioning

confidence: 99%

Design of Adaptive IDS with Regulated Retraining Approach

Zainal

Maarof

Shamsuddin

et al. 2012

Communications in Computer and Information Science

View full text Add to dashboard Cite

Abstract.Computer networks are becoming more insecure and vulnerable to intrusions and attacks as they are increasingly accessible to users globally. To minimize possibility of intrusions and attacks, various intrusion detection models have been proposed. However, the existing procedures suffer high false alarm, not adequately adaptive, low accuracy and rigid. The detection performance deteriorates when behavior of traffic is changing and new attacks continually emerge. Therefore, the need to update the reference model for any given anomaly-based intrusion detection is necessary to keep up with these changes. Severe changes should be addressed immediately before the performance is compromised. Available updating approaches include dynamic, periodic and regulated. Unfortunately, none considers severity of changes to trigger the updating. This paper proposed an adaptive IDS model using regulated retraining approach based on severity of changes in network traffic. Therefore, retraining can be done as and when necessary. Changes are denoted by ambiguous decisions and assumed to reflect insufficient knowledge of classifiers to make decision. Results show that the proposed approach is able to improve detection accuracy and reduce false alarm.

show abstract

Section: (D) Manual Updatingmentioning

confidence: 99%

Design of Adaptive IDS with Regulated Retraining Approach

Zainal

Maarof

Shamsuddin

et al. 2012

Communications in Computer and Information Science

View full text Add to dashboard Cite

show abstract

“…Firewalls were made in order to protect the networks from attacks that come from outside world, but they do not obliterate any intrusion coming from inside the network. Intrusion Detection Systems (IDS), on the other hand, monitor networking packets in order to prevent any form of computer attacks from within the network [1][2][3][4]. This work focuses on IDS, since existing commercial IDS's offer wide window for improvements.…”

Section: Introductionmentioning

confidence: 99%

“…In general, IDSs may be designed to perform misuse detection or anomaly detection [1,5]. In misuse detection, all known abnormal behavior is defined and the system is trained to recognize it.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Intrusion Detection System using Fuzzy Logic

Selman¹

2013

scjournal

View full text Add to dashboard Cite

Intrusion detection plays an important role in today's computer and communication technology. As such it is very important to design time efficient Intrusion Detection System (IDS) low in both, False Positive Rate (FPR) and False Negative Rate (FNR), but high in attack detection precision. To achieve that, this paper proposes IDS model based on Fuzzy Logic. Proposed model consists of three parts, Input Reduction System (IRS), which uses Principal Component Analysis to reduce the dimensions of the system from 41 to 10, Classification System, which uses Fuzzy C Means to create data clusters based on training data and Pattern Recognition System based on Nearest Neighborhood method, which classifies new-coming data records to their respective clusters. Based on different attack types, the system performance in classification process is different and the best performance is achieved for PROBE attack, with 99.3% success rate, and the best performance in pattern recognition is achieved for U2R with 58.8% of success rate.

show abstract

“…Several types of intrusion detection systems are in use [1], [2], [3], [4], [5], [6]. Configuring an IDS to detect internal attacks can be difficult.…”

Section: Introductionmentioning

confidence: 99%

Detecting Insider Attacks Using Non-negative Matrix Factorization

Platoš

Snášel

Krömer

et al. 2009

2009 Fifth International Conference on Information Assurance and Security

View full text Add to dashboard Cite

Abstract-It is a fact that vast majority of attention is given to protecting against external threats, which are considered more dangerous. However, some industrial surveys have indicated they have had attacks reported internally. Insider Attacks are an unusual type of threat which are also serious and very common. Unlike an external intruder, in the case of internal attacks, the intruder is someone who has been entrusted with authorized access to the network. This paper presents a Non-negative Matrix Factorization approach to detect inside attacks. Comparisons with other established pattern recognition techniques reveal that the Non-negative Matrix Factorization approach could be also an ideal candidate to detect internal threats.

show abstract

Adaptive neuro-fuzzy intrusion detection systems

Cited by 75 publications

References 5 publications

Design of Adaptive IDS with Regulated Retraining Approach

Design of Adaptive IDS with Regulated Retraining Approach

Intrusion Detection System using Fuzzy Logic

Detecting Insider Attacks Using Non-negative Matrix Factorization

Contact Info

Product

Resources

About