Title :
An improved algorithm for fuzzy data mining for intrusion detection
Author :
Florez, German ; Bridges, Susan M. ; Vaughn, Rayford B.
Abstract :
We have been using fuzzy data mining techniques to extract patterns that represent normal behavior for intrusion detection. We describe a variety of modifications that we have made to the data mining algorithms in order to improve accuracy and efficiency. We use sets of fuzzy association rules that are mined from network audit data as models of "normal behavior." To detect anomalous behavior, we generate fuzzy association rules from new audit data and compute the similarity with sets mined from "normal" data. If the similarity values are below a threshold value, an alarm is issued. We describe an algorithm for computing fuzzy association rules based on Borgelt\´s (2001) prefix trees, modifications to the computation of support and confidence of fuzzy rules, a new method for computing the similarity of two fuzzy rule sets, and feature selection and optimization with genetic algorithms. Experimental results demonstrate that we can achieve better running time and accuracy with these modifications.
Keywords :
data mining; fuzzy logic; fuzzy set theory; genetic algorithms; security of data; alarm; anomalous behavior; feature selection; fuzzy association rules; fuzzy data mining; genetic algorithms; intrusion detection; network audit data; normal behavior; prefix trees; Association rules; Bridges; Computer networks; Data mining; Fuzzy sets; Genetic algorithms; Intrusion detection; Itemsets; Logic; Optimization methods;
Conference_Titel :
Fuzzy Information Processing Society, 2002. Proceedings. NAFIPS. 2002 Annual Meeting of the North American
Print_ISBN :
0-7803-7461-4
DOI :
10.1109/NAFIPS.2002.1018103
