Hybrid Model for Computer Intrusion Detection

The goal of intrusion detection is to discover unauthorized use of computer systems. New intrusion types, of which detection systems are unaware, are the most difficult to detect. In this paper we propose an intrusion detection method that combines rule induction analysis for misuse detection and fuzzy c-means for anomaly detection. Rule induction is used to generate patterns from data and to find a set of rules that satisfy some predefined criteria. Fuzzy c-means allows objects to belong to several clusters simultaneously, with different degrees of membership. Our method is an accurate model for handling complex attack patterns in large networks. We used the data set from the 1999 KDD intrusion detection contest.
