To detect misuse and anomaly attacks through rule induction analysis and fuzzy methods
Date
2006
ISBN
Journal Title
Journal ISSN
Volume Title
Resource Type
Article
Publisher
Journal Title
To detect misuse and anomaly attacks through rule induction analysis and fuzzy methods
Recommended by
Abstract
To protect networks, intrusion detection systems aim to identify attacks with a high detection rate and a low false alarm rate. In this paper we propose an intrusion detection method that combines rule induction analysis for misuse detection and Fuzzy c-means for anomaly detection. Rule induction is used to generate patterns from data and finding a set of rules that satisfy some predefined criteria. Fuzzy c-Means allow objects to belong to several clusters simultaneously, with different degrees of membership. Our method is an accurate model for handle complex attack patterns in large networks. Empirical studies using the network security data set from the DARPA 1998 offline intrusion detection project (KDD 1999 Cup) show the feasibility of misuse and anomaly detection results.
Description
Citation
WSEAS Transactions on Computers