Network Traffic Intrusion Detection System Using Fuzzy Logic and Neural Network

Network Traffic Intrusion Detection System Using Fuzzy Logic and Neural Network

Mrudul Dixit (Department of Electronics and Telecommunication, MKSSS's Cummins College of Engineering for Women, Pune, India) and Rajashwini Ukarande (Department of Electronics and Telecommunication, MKSSS's Cummins College of Engineering for Women, Pune, India)
Copyright: © 2017 |Pages: 17
DOI: 10.4018/IJSE.2017010101
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

Intrusion Detection System (IDS) are actively used to identify any unusual activities in a network. To improve the effectiveness of IDS, security experts have embedded their extensive knowledge with the use of fuzzy logic, neuro-fuzzy, neural network and other such AI techniques. This article presents an intrusion detection system in network based on fuzzy logic and neural network. The proposed system is evaluated using the KDD Cup 99 dataset. The fuzzy system detects the intrusion behavior of the network using the defined set of rules. Whereas neural network trains the network based on the input and uses the trained system to predict the output. The evaluation depicts the effectiveness of the selected method in terms of selection of attributes which gives high True Positive Rate and True Negative Rate, with good precision in attack detection.
Article Preview

Literature Review

Intrusion Detection System

An IDS is designed to monitor the network traffic and examine traffic data for protocol anomalies, that represent potential attacks and suspicious activities; and alerts the network administrator (Cisco, 2014). It works like a defence system which prevents hostile activities compromising of system securities (Kazienko & Dorosz, 2003). In anomaly based systems, the network administrator states the baseline or normal threshold of the network. The IDS monitors the network traffic and compares it against stored patterns of normal behaviour, so that any pattern violating its behaviour will be defined as system attack. The assumptions of IDS are that the intruder’s behaviour has to be unusual from that of the normal users. The main components of an Intrusion Detection System are:

  • 1.

    Information Source: data used by the IDS;

  • 2.

    Analysis engine: process of intrusion detection;

  • 3.

    Response: action taken for detection of intrusion.

Fuzzy Inference

In 1964 Lotfi A. Zadeh, from University of California, Berkeley introduced a paper on fuzzy sets which created the idea of grade of membership, emphasizing on imprecise and vague outputs. In 1965, he came up with fuzzy multistage decision-making, fuzzy similarity relations, fuzzy restrictions and linguistic variables. Mamdani developed the first fuzzy logic controller in 1974. It was an attempt to control a steam engine and boiler by synthesizing a set of linguistic control rules obtained from experienced human operators (Kay, 2004). A fuzzy rule is a simple If-Then rule which provides an easy means to express and capture the human mind to summarize data and focus on decision-relevant information. Fuzzy inference deriving logical conclusions from existing fuzzy rule base (Naik, 2012 & Tikk, 2002). It is the mapping of fuzzy input onto a fuzzy output space with the help of fuzzy rules. The rule base is the key component of a fuzzy inference system.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 8: 2 Issues (2017)
Volume 7: 2 Issues (2016)
Volume 6: 2 Issues (2015)
Volume 5: 2 Issues (2014)
Volume 4: 2 Issues (2013)
Volume 3: 2 Issues (2012)
Volume 2: 2 Issues (2011)
Volume 1: 2 Issues (2010)
View Complete Journal Contents Listing