Fuzzy Rule-Based Layered Classifier and Entropy-Based Feature Selection for Intrusion Detection System

Devaraju Sellappan, Ramakrishnan Srinivasan
Copyright: © 2021 | Pages: 21
DOI: 10.4018/978-1-7998-5728-0.ch015

Abstract

Intrusion detection systems must detect vulnerabilities in a network consistently and must also perform efficiently under a huge amount of traffic. They must be capable of detecting emerging and proactive threats in the network. Various classifiers are used to classify activity as normal or intrusive by supervising the system activity. In this chapter, a layered fuzzy rule-based classifier is proposed to detect the various intrusions and to improve the performance of the intrusion detection system, and fuzzy entropy-based feature selection is proposed to identify the relevant features. The KDD dataset contains various attacks; these attacks are grouped into four classes, namely Denial-of-Service (DoS), Probe, Remote-to-Local (R2L), and User-to-Root (U2R). A real-time dataset is also considered in this research. Experimental results show that the proposed method provides a good detection rate, minimizes the false positive rate, and requires less computational time.
Chapter Preview
Introduction

In the current scenario, most people are connected to the internet for their own specific purposes and other related purposes. An Intrusion Detection System (IDS) is therefore important for any individual or organization that needs to safeguard its information from unauthorised users. Organizations use hardware and software devices to secure their information, yet most intruders were not detected. Information is now more important than ever to any organization and needs to be protected, because many unauthorised users apply different techniques to discover information and to exploit the vulnerabilities of systems. Information transmitted from one host to another is not, in itself, protected from unauthorised users. For these reasons, security is essential to protect information.

Intrusion Detection Systems (IDS) are usually classified into two groups: signature-based and anomaly-based intrusion detection systems. A signature-based intrusion detection system detects an intrusion by comparing activity against the existing signatures in its log files. An anomaly-based intrusion detection system flags activity observed on the network when its behavior deviates from normal behavior. Intrusion detection systems are also classified as network-based or host-based. A network-based intrusion detection system detects misbehavior as systems communicate with each other over the network. A host-based intrusion detection system monitors and analyzes a computer system for any misbehavior (Devaraju & Ramakrishnan, 2013).

The fuzzy rule-based technique is used to process large volumes of raw data easily. Other techniques include Association Rules, Clustering, Decision Trees, Neural Networks and Data Mining. Various authors have tried to improve the performance and reduce the false positive rate of intrusion detection systems. Even so, some misbehavior still goes on in intrusion detection systems, and the performance could not be improved nor the false positive rate reduced, because the dataset contains a large volume of data. The data contains many features, and the authors used all of the features for processing, although some features are not important.

In this paper, we try to create a new set of fuzzy rulesets based on the protocol features, which will help to improve the performance, reduce the false positive rate and shorten the processing time. Three protocol features are considered: tcp, udp and icmp. Attacks mainly depend on one of these protocol features, so the data needs to be categorized by protocol feature, which also reduces the number of features. The unique contributions of the paper are as follows:

  • i) Fuzzy entropy-based feature selection is proposed to select the most relevant features from the KDD dataset.

  • ii) A fuzzy rule-based classifier is proposed to generate new sets of fuzzy rules from the selected features and to classify the attacks using the KDD dataset and a real-time dataset.

  • iii) A layered classifier is proposed to improve the performance and reduce the computational time.

The paper is organized as follows: it gives the background of the related work; discusses fuzzy entropy-based feature selection and the layered fuzzy rule-based classifier; describes the experimental work on the proposed methods; and provides a conclusion.

Background

Different techniques are used for intrusion detection, such as statistical methods, neural networks and data mining. In this section, the various techniques used for intrusion detection systems are discussed.
