Detection DoS Attack on FPGA Using Fuzzy Association Rules

This paper proposes a programmable embedded system based on data mining and fuzzy logic to determine Denial of Service (DoS) attacks in real time. The proposed system detects the DoS attacks to a web service. The system consists of two phases. At the first phase, the number of terminated connection and the number of connection request statistics and so on have been extracted from packet. These obtained features constitute training data. Each record in training data was obtained with 2 sec intervals from network traffic. Then Fuzzy classification rules have been obtained from training data by data mining and fuzzy logic. At the second phase, DoS attacks have been detected using these rules in real time for testing purpose. The proposed system has been tested on Alter a Cyclone III EPC3C40F484C7 in the FPGA environment.

[1]  Rakesh Agarwal,et al.  Fast Algorithms for Mining Association Rules , 1994, VLDB 1994.

[2]  Abdolreza Mirzaei,et al.  Intrusion detection using fuzzy association rules , 2009, Appl. Soft Comput..

[3]  Ma Yanchun The intrusion detection system based on fuzzy association rules mining , 2010, 2010 2nd International Conference on Computer Engineering and Technology.

[4]  Hisao Ishibuchi,et al.  Fuzzy data mining: effect of fuzzy discretization , 2001, Proceedings 2001 IEEE International Conference on Data Mining.

[5]  A. Halim Zaim,et al.  A hybrid intrusion detection system design for computer network security , 2009, Comput. Electr. Eng..

[6]  Taner Tuncer,et al.  FPGA based programmable embedded intrusion detection system , 2010, SIN.

[7]  Alok N. Choudhary,et al.  An FPGA Implementation of Decision Tree Classification , 2007, 2007 Design, Automation & Test in Europe Conference & Exhibition.

[8]  Salvatore J. Stolfo,et al.  Adaptive Intrusion Detection: A Data Mining Approach , 2000, Artificial Intelligence Review.

[9]  Man Hon Wong,et al.  Mining fuzzy association rules in databases , 1998, SGMD.

[10]  A. El-Semary,et al.  Applying Data Mining of Fuzzy Association Rules to Network Intrusion Detection , 2006, 2006 IEEE Information Assurance Workshop.