Hybrid Intrusion Detection Systems (HIDS) using Fuzzy Logic

Shanmugam, Bharanidharan; Idris, Norbik Bashah

doi:10.5772/14130

Cited by 14 publications

(10 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Based on the architecture, an IDS can be classified into three types: host-based IDS, network-based IDS, and hybrid IDS. Where the host-based IDS works by analyze data from monitored hosts, network-based IDS analyze from network traffic, and hybrid IDS is the combination of both [6], [7].…”

Section: Intrusion Detection Systemmentioning

confidence: 99%

“…The research classified into two categories, the first related with hybrid IDS, and two are associated with IDS for SQL injection attacks. In first category, the studies generally built hybrid IDS with a combination of network data packet and system activity logs, among others Shanmugam and Idris [7], Sharma and Chandel [17], and Yunmar [18]. Except of Yunmar research, the first category generally focused on analyze network based attacks, such as DoS, U2R, R2L, etc.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Untitled

2019

kursor

View full text Add to dashboard Cite

SQL injection attacks toward web application increasingly prevalent. Testing to the web that will published is the one of preventive measures. However, this method sometimes ineffective because constrained by various things. Instrusion detection system (IDS) has ability to help and protect the website from various attacks. This study proposed a hybrid IDS for web applications from SQL injection attacks. The IDS built based on hybrid architecture with a signature-based detection method, type of data that will be analyzed is network data packet and error log. The fuzzy logic inference engine used to be drawn the conclusion based on analyzed data. Proposed hybrid IDS tested against various types of SQL injection attack, such as Tautology, UNION query, Piggy-backed query, Malformed query, Stored Procedure, and Alternate Encoding. System testing is done with three scenarios with the aim of seeing the hybrid IDS response to the occurrence of false positives and false negative, including: testing with normal website access, testing with normal website access but inserting suspicious strings as part of SQL injection, and access that is truly a SQL injection attack. The result test shows that proposed hybrid IDS has good performance on detecting the various type of SQL injection attack, and significantly reduce or even remove the false positive and false negative.

show abstract

Section: Intrusion Detection Systemmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Untitled

2019

kursor

View full text Add to dashboard Cite

show abstract

“…However with all these techniques there is a need of hybrid intrusion detection which can detect static as well as dynamic attacks i.e can detect attacks on host as well as on network. B. Shanmugam et al [5] proposed a hybrid IDS which is more accurate, low in false alarms, intelligent by using fuzzy mechanisms and not easily deceived by small variation. But the system crashed, as it could not withstand the traffic for more than three weeks without restarting.…”

Section: Related Workmentioning

confidence: 99%

“…Many machine learning based detection techniques are used for the host as well as the network based anomaly detection. Bayesian Networks are used to encode probabilistic relationships among the variables of interest and ability to incorporate prior knowledge and data [4], Whereas Neural Networks generalize from noisy, limited and incomplete data and have the potential to recognize future unseen patterns [5]. Fuzzy Logic is employed where reasoning is approximate rather than precise [4], [5].…”

Section: Intrusion Detection Systems (Ids)mentioning

confidence: 99%

“…Bayesian Networks are used to encode probabilistic relationships among the variables of interest and ability to incorporate prior knowledge and data [4], Whereas Neural Networks generalize from noisy, limited and incomplete data and have the potential to recognize future unseen patterns [5]. Fuzzy Logic is employed where reasoning is approximate rather than precise [4], [5]. Genetic Algorithms and evolutionary algorithms are capable of deriving rules and selecting optimal parameters by use of the fitness function [6], [11], [13].…”

Section: Intrusion Detection Systems (Ids)mentioning

confidence: 99%

See 1 more Smart Citation

Host based Anomaly Detection using Fuzzy Genetic Approach (FGA)

Kaur¹,

Gill²

2013

IJCA

View full text Add to dashboard Cite

Intrusion is a fast growing security threat to the computers which fails the security of the system. The researchers have proposed number of techniques such as firewall, encryption etc. to prevent such penetration and protect the systems. With all these measures also, the intruders managed to penetrate the computers. Intrusion detection systems (IDS) monitor the resources of the computer, detect the malicious/suspicious activity either on a single machine or on the network which is different from the legitimate user activity and send the reports of such activity. The paper proposes to detect anomalous user behavior on a single machine based on the system log files using fuzzy logic and genetic algorithms.

show abstract