Network intrusion detection based on neuro-fuzzy classification

With rapid growth of computer networks during the past few years, network security has become a crucial issue. Among the various network security measures, intrusion detection systems (IDS) play a vital role to integrity, confidentiality and availability of resources. It seems that the presence of uncertainty and the imprecise nature of the intrusions make fuzzy systems suitable for such systems. Fuzzy systems are not normally adaptive and have not the ability to construct models solely based on the target system's sample data. One of the successful approaches which are incorporated fuzzy systems with adaptation and learning capabilities is the neural fuzzy method. The main objective of this work is to utilize ANFIS (adaptive neuro fuzzy inference system) as a classifier to detect intrusions in computer networks. This paper evaluates performance of ANFIS in the forms of binary and multi-classifier to categorize activities of a system into normal and suspicious or intrusive activities. Experiments for evaluation of the classifiers were performed with the KDD Cup 99 intrusion detection dataset. The Overall Results show that ANFIS can be effective in detecting various intrusions.

[1]  Dimitar Filev,et al.  Generation of Fuzzy Rules by Mountain Clustering , 1994, J. Intell. Fuzzy Syst..

[2]  MengChu Zhou,et al.  Fuzzy intrusion detection based on fuzzy reasoning Petri nets , 2003, SMC'03 Conference Proceedings. 2003 IEEE International Conference on Systems, Man and Cybernetics. Conference Theme - System Security and Assurance (Cat. No.03CH37483).

[3]  Graham J. Williams,et al.  On-Line Unsupervised Outlier Detection Using Finite Mixtures with Discounting Learning Algorithms , 2000, KDD '00.

[4]  Sugata Sanyal,et al.  Adaptive neuro-fuzzy intrusion detection systems , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..

[5]  Salvatore J. Stolfo,et al.  Using artificial anomalies to detect unknown and known network intrusions , 2001, Proceedings 2001 IEEE International Conference on Data Mining.

[6]  C. Lucas,et al.  Intrusion detection using a fuzzy genetics-based learning algorithm , 2007, J. Netw. Comput. Appl..

[7]  Jyh-Shing Roger Jang,et al.  ANFIS: adaptive-network-based fuzzy inference system , 1993, IEEE Trans. Syst. Man Cybern..

[8]  Zheng Zhang,et al.  HIDE : a Hierarchical Network Intrusion Detection System Using Statistical Preprocessing and Neural Network Classification , 2001 .

[9]  Jonatan Gómez,et al.  Evolving Fuzzy Classifiers for Intrusion Detection , 2002 .

[10]  Stephen L. Chiu,et al.  Fuzzy Model Identification Based on Cluster Estimation , 1994, J. Intell. Fuzzy Syst..

[11]  J. Tin-Yau Kwok,et al.  An extended genetic rule induction algorithm , 2000, Proceedings of the 2000 Congress on Evolutionary Computation. CEC00 (Cat. No.00TH8512).

[12]  D. Nauck,et al.  Nefclass | a Neuro{fuzzy Approach for the Classification of Data , 1995 .

[13]  Malcolm I. Heywood,et al.  Training genetic programming on half a million patterns: an example from anomaly detection , 2005, IEEE Transactions on Evolutionary Computation.

[14]  H. Ishibuchi,et al.  A fuzzy classifier system that generates fuzzy if-then rules for pattern classification problems , 1995, Proceedings of 1995 IEEE International Conference on Evolutionary Computation.

[15]  Julie A. Dickerson,et al.  Fuzzy network profiling for intrusion detection , 2000, PeachFuzz 2000. 19th International Conference of the North American Fuzzy Information Processing Society - NAFIPS (Cat. No.00TH8500).