Decision Making Process in Intrusion Detection Process

When talking about system security, each system which tends to be a secure one must rely on an expert system. Today's experimental results show that the weakest factor in a whole information security system chain is a human. In order to reduce the human influence, in this paper the implementation of fuzzy logic in decision making process in the field of intrusion detection process is proposed. The question which has to be answered is why to use expert systems in that context. Even the successful expert systems which have been developed and contain human expert knowledge provide only a small part of a problem solution. Expert systems don't have real intelligence and they have been used mainly for assistance in human expert processes. Artificial expertise is stable and always accessible data and knowledge are stored into computer memory and stay there until they are changed or deleted. Human expertise is unstable. In order to develop a good expert system we need approximately one year. When talking about human experts, the number of real human experts is not so big (some of them change their jobs, are retired and so on). This is the major reason why we need expert systems although they possess limited knowledge, they can to some extent replace human experts. Expert systems are very sophisticated applications which use powerful computer resources to help humans in their jobs. This paper describes how to use expert systems in the field of intrusion decision making while supporting the fuzzy logic at the same time.