Title :
Fuzzy network profiling for intrusion detection
Author :
Dickerson, John E. ; Dickerson, Julie A.
Author_Institution :
Dept. of Electr. Eng. & Comput. Eng., Iowa State Univ., Ames, IA, USA
Abstract :
The Fuzzy Intrusion Recognition Engine (FIRE) is an anomaly-based intrusion detection system that uses fuzzy logic to assess whether malicious activity is taking place on a network. It uses simple data mining techniques to process the network input data and help expose metrics that are particularly significant to anomaly detection. These metrics are then evaluated as fuzzy sets. FIRE uses a fuzzy analysis engine to evaluate the fuzzy inputs and trigger alert levels for the security administrator. This paper describes the components in the FIRE architecture and explains their roles. Particular attention is given to explaining the benefits of data mining and how this can improve the meaningfulness of the fuzzy sets. Fuzzy rules are developed for some common intrusion detection scenarios. The results of tests with actual network data and actual malicious attacks are described. The FIRE IDS can detect a wide range of common attack types.
Keywords :
data mining; fuzzy logic; safety systems; security of data; data mining; fuzzy analysis engine; fuzzy intrusion recognition engine; fuzzy logic; fuzzy network profiling; fuzzy rules; fuzzy sets; intrusion detection; Computer crime; Data mining; Data security; Fires; Fuzzy logic; Fuzzy sets; Fuzzy systems; Information security; Intrusion detection; Search engines;
Conference_Title :
Fuzzy Information Processing Society, 2000. NAFIPS. 19th International Conference of the North American
Conference_Location :
Atlanta, GA
Print_ISBN :
0-7803-6274-8
DOI :
10.1109/NAFIPS.2000.877441