DocumentCode :
2225430
Title :
A flexible fuzzy threat evaluation computer system
Author :
Hamed, Essam M. ; Sobh, Tarek S.
Author_Institution :
Egyptian Armed Forces
fYear :
2004
fDate :
5-7 Sept. 2004
Firstpage :
23
Lastpage :
27
Abstract :
This paper proposes an approach for threat evaluation in distributed computing systems. Although anomaly-based threat detection systems are very helpful in detecting unknown attacks that are not defined in the signature and rule-based analysis of the misuse threat detection approach, there are many difficulties in accurately and efficiently performing anomaly threat detection. Tuning statistical anomaly threat detection engines is a significant challenge that often causes high false alarm rates. Also, many types of threats cannot be crisply defined and the degree of alert (threat level) that can occur with threats is often imprecisely defined. The use of fuzzy logic in this paper is explored as a threat evaluation engine for an anomaly-based threat detection system by presenting a novel anomaly threat detection architecture using fuzzy logic to overcome the anomaly detection systems' drawbacks and to present an accurate and flexible threat evaluation system.
Keywords :
Computer security; Distributed computing; Engines; Fuzzy logic; Fuzzy systems; Intrusion detection; Military computing; Monitoring; Performance analysis; Risk management; Anomaly threat detection; Degree of membership; Fuzzification; Fuzzy logic; Historical profiles; Statistical models; Threat evaluation; Threshold level; fuzzy membership function;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Electrical, Electronic and Computer Engineering, 2004. ICEEC '04. 2004 International Conference on
Conference_Location :
Cairo, Egypt
Print_ISBN :
0-7803-8575-6
Type :
conf
DOI :
10.1109/ICEEC.2004.1374369
Filename :
1374369