Combating Cyber Security Breaches in Digital World Using Misuse Detection Methods: Misuse Detection

2. Background

Soft computing was first proposed by Lotfi Zadeh to construct new generation computationally intelligent hybrid intelligent systems including Neural networks, Fuzzy logic, approximate reasoning and derivative free optimization techniques like Genetic algorithms for most of the real world applications like function approximation, Image processing and Intrusion detection.

Neural Networks are applied to effectively find out the intrusions by Martin Botha, Rossouw von solms. Next Generation Proactive Identification Model is used to protect the system using neural networks. This model is based on the assumption that each user's behaviour is unique and when he leaves the system it could be recorded for further comparison. Fuzzy Default Logic(FDL) (Jian et al., 2003)is applied to Intrusion Detection using reasoning and FDL-IDS was developed which increases detection speed and accuracy which reduces the cumulative cost of developing an traditional Intrusion Detection Expert System (Denning, 1987). A Novel attack detection method is proposed to detect intrusions using fuzzy logic and data mining. The proposed system is designed as both misuse and anomaly detection system by combining well-formed fuzzy if-then rules and simple data mining.

ANN and SVM are employed for intrusion detection using (Mukkamala & Sung, 2005) DARPA dataset and it is observed that SVMs are superior to ANN in three critical respects. SVM train and run an order of magnitude faster; SVM scale much faster; and SVMs give high classification accuracy. Feature selection and ranking is presented using two methods: first is Performance Based Ranking Method using performance metrics and 34 out of 41 features are selected for classification by a Multilayer FF ANN. Second using SVMs with support vector decision function. 23 out of 41 features are selected in this method for classification. SVMs prove higher classification accuracy.