Design and development of suginer filter for intrusion detection using real time network data

The rapid growth in use of the Internet and computer networks all over the world has made security a major issue, so intrusion-detection systems have become more important. Nevertheless, the primary problems of an Intrusion-Detection System (IDS) are that it generates a high false alarm rate and fails to detect attacks, which makes system security more vulnerable. This paper proposes a new concept: using a Suginer filter for intrusion detection. The Takagi-Sugeno fuzzy model is structured using a neuro-fuzzy method to generate fuzzy rules, and a Wiener filter is used to filter out attacks as a noise signal using fuzzy rule generation. These two methods are combined to detect intrusive behavior of the system. The proposed Suginer filter (Sugeno+Wiener) uses a completely different research structure to identify attacks. The experiment was evaluated on collected live network data and shows that the proposed system achieves approximately 98.46% accuracy and reduces the false alarm rate to 0.08% in detecting different real-time attacks. The results make clear that the proposed system performs better than other existing machine learning techniques.
