Intrusion detection based on Neuro-Fuzzy classification

Computer security is far from being guaranteed due to the scalability of computer networks, the constant evolution of risks and the presence of noisy information. Several solutions were proposed to ensure the integrity, confidentiality and availability of resources, including intrusion detection systems (IDS). The main objective of the current work is first to take advantage of data mining techniques such as normalization, feature selection and eliminating redundancies in order to analyze the huge data like the KDDCUP'99. The second objective is the learning ability of neural networks and the third one is the fuzzy logic reasoning that realizes knowledge wave characters. The proposed model is the Neuro-Fuzzy model precisely the NEFCLASS (Neuro Fuzzy Classification) model of a generic fuzzy perceptron which is in the form of a combination of neuron and fuzzy system networks. This model is characterized by its powerfulness thanks to its large database and rapidity due to its parallel architecture. Moreover, it can be easily updated through the re-learning process following the scalability potential inherited in its architecture. As well as it is distinguished by an intuitive model presented by linguistic rules that are easily understood by the security operator. To test out the adaptability of our approach in detecting unknown attacks we use a test database , namely corrected test that contains new attacks that are not present in the training set and compare the results obtained by the model ANFIS. We prove that our approach based on NEFCLASS model is more powerful in classifying intrusions than the one based on ANFIS model. To highlight the motivation for using the Neuro-Fuzzy Classifier, a comparative study was conducted by using the full 10% KDD among the NEFCLASS model and other supervised classifiers which are ANN and C5.0.

[1]  S. Sathya Bama,et al.  Network Intrusion Detection using Clustering: A Data Mining Approach , 2011 .

[2]  Ali A. Ghorbani,et al.  A detailed analysis of the KDD CUP 99 data set , 2009, 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications.

[3]  Karim Tabia,et al.  Approches basées sur les réseaux Bayésiens pour la prédiction d'attaques sévères , 2010 .

[4]  Detlef Nauck,et al.  Foundations Of Neuro-Fuzzy Systems , 1997 .

[5]  Salem Benferhat,et al.  Réseaux Bayésiens naïfs pour la détection des attaques coordonnées , 2008 .

[6]  Wei Wang,et al.  Towards Fast Detecting Intrusions: Using Key Attributes of Network Traffic , 2008, 2008 The Third International Conference on Internet Monitoring and Protection.

[7]  S J Ghule,et al.  Network Intrusion Detection System using Fuzzy Logic , 2014 .

[8]  Md. Abu Naser Bikas,et al.  An Implementation of Intrusion Detection System Using Genetic Algorithm , 2012, ArXiv.

[9]  R. Shanmugavadivu NETWORK INTRUSION DETECTION SYSTEM USING FUZZY LOGIC , 2011 .

[10]  Firas S. Jassim,et al.  Evaluation of Different Data Mining Algorithms with KDD CUP 99 Data Set , 2013 .

[11]  Vahid Golmah An Efficient Hybrid Intrusion Detection System based on C5.0 and SVM , 2014 .

[12]  Pratibha Soni,et al.  An Intrusion Detection System Based on KDD -99 Data using Data Mining Techniques and Feature Selection , 2014 .

[13]  Hervé Debar,et al.  A neural network component for an intrusion detection system , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[14]  N. Wattanapongsakorn,et al.  Real-time intrusion detection with fuzzy genetic algorithm , 2013, 2013 10th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology.

[15]  R. Monsefi,et al.  Network intrusion detection based on neuro-fuzzy classification , 2006, 2006 International Conference on Computing & Informatics.

[16]  Marc Dacier,et al.  Mining intrusion detection alarms for actionable knowledge , 2002, KDD.

[17]  Mohamed Ben Ahmed,et al.  Intrusion detection based on “Hybrid” propagation in Bayesian Networks , 2009, 2009 IEEE International Conference on Intelligence and Security Informatics.

[18]  Jian Ma,et al.  A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering , 2010, Expert Syst. Appl..

[19]  Rudolf Kruse,et al.  Obtaining interpretable fuzzy classification rules from medical data , 1999, Artif. Intell. Medicine.

[20]  D. Nauck,et al.  Nefclass | a Neuro{fuzzy Approach for the Classification of Data , 1995 .

[21]  A. Watkins An immunological approach to intrusion detection , 2000 .

[22]  Zyad Shaaban,et al.  Data Mining: A Preprocessing Engine , 2006 .

[23]  Rudolf Kruse,et al.  NEFCLASSmdash;a neuro-fuzzy approach for the classification of data , 1995, SAC '95.