Towards real-time intrusion detection using fuzzy cognitive maps modeling and simulation

Fuzzy cognitive maps (FCMs) are ideal tools for acquiring causal knowledge: they are fuzzy signed graphs that can be represented as an associative single-layer neural network. Using FCMs, our methodology attempts to diagnose and direct network traffic data based on its relevance to attack or normal connections. By quantifying the causal inference process, we can determine whether an attack is detected and the severity of odd packets. As such, packets with low causal relations to attacks can be dropped or ignored, while packets with high causal relations to attacks are highlighted. In this paper, we present a new real-time intrusion detection approach that uses FCMs to replicate normal and attack network connections.
