DocumentCode
3384225
Title
Fuzzy intrusion detection
Author
Dickerson, John E. ; Juslin, Jukka ; Koukousoula, Ourania ; Dickerson, Julie A.
Author_Institution
Dept. of Electr. & Comput. Eng., Iowa State Univ., Ames, IA, USA
Volume
3
fYear
2001
fDate
25-28 July 2001
Firstpage
1506
Abstract
The Fuzzy Intrusion Recognition Engine (FIRE) is a network intrusion detection system that uses fuzzy systems to assess malicious activity against computer networks. The system uses an agent-based approach to separate monitoring tasks. Individual agents perform their own fuzzification of input data sources. All agents communicate with a fuzzy evaluation engine that combines the results of individual agents using fuzzy rules to produce alerts that are true to a degree. Several intrusion scenarios are presented along with the fuzzy systems for detecting the intrusions. The fuzzy systems are tested using data obtained from networks under simulated attacks. The results show that fuzzy systems can easily identify port scanning and denial of service attacks. The system can be effective at detecting some types of backdoor and Trojan horse attacks
Keywords
computer networks; fuzzy logic; multi-agent systems; security of data; system monitoring; FIRE; Fuzzy Intrusion Recognition Engine; Trojan horse attacks; agent-based approach; backdoor attacks; computer networks; fuzzification; fuzzy evaluation engine; fuzzy intrusion detection; malicious activity; network intrusion detection system; port scanning attacks; service denial attacks; Communication system control; Computer networks; Engines; Fires; Fuzzy systems; Intrusion detection; Monitoring; Performance analysis; Telecommunication traffic; Transceivers;
fLanguage
English
Publisher
ieee
Conference_Titel
IFSA World Congress and 20th NAFIPS International Conference, 2001. Joint 9th
Conference_Location
Vancouver, BC
Print_ISBN
0-7803-7078-3
Type
conf
DOI
10.1109/NAFIPS.2001.943772
Filename
943772
Link To Document