Adding contextual information to Intrusion Detection Systems using Fuzzy Cognitive Maps

In the last few years there has been a considerable increase in the efficiency of Intrusion Detection Systems (IDSs). However, networks are still the victims of attacks. As the complexity of these attacks keeps increasing, new and more robust detection mechanisms need to be developed. The next generation of IDSs should be designed to incorporate reasoning engines supported by contextual information about the network, cognitive information from the network users, and situational awareness to improve their detection results. In this paper, we propose the use of a Fuzzy Cognitive Map (FCM) in conjunction with an IDS to incorporate contextual information into the detection process. We have evaluated the use of FCMs to adjust the Basic Probability Assignment (BPA) values defined prior to the data fusion process, which is crucial for the IDS that we have developed. The results that we present verify that FCMs can improve the efficiency of our IDS by reducing the number of false alarms, while not affecting the number of correct detections.
