Title :
Fuzzy intrusion detection
Author :
Dickerson, John E. ; Juslin, Jukka ; Koukousoula, Ourania ; Dickerson, Julie A.
Author_Institution :
Dept. of Electr. & Comput. Eng., Iowa State Univ., Ames, IA, USA
Abstract :
The Fuzzy Intrusion Recognition Engine (FIRE) is a network intrusion detection system that uses fuzzy systems to assess malicious activity against computer networks. The system uses an agent-based approach to separate monitoring tasks. Individual agents perform their own fuzzification of input data sources. All agents communicate with a fuzzy evaluation engine that combines the results of individual agents using fuzzy rules to produce alerts that are true to a degree. Several intrusion scenarios are presented along with the fuzzy systems for detecting the intrusions. The fuzzy systems are tested using data obtained from networks under simulated attacks. The results show that fuzzy systems can easily identify port scanning and denial of service attacks. The system can be effective at detecting some types of backdoor and Trojan horse attacks
Keywords :
computer networks; fuzzy logic; multi-agent systems; security of data; system monitoring; FIRE; Fuzzy Intrusion Recognition Engine; Trojan horse attacks; agent-based approach; backdoor attacks; computer networks; fuzzification; fuzzy evaluation engine; fuzzy intrusion detection; malicious activity; network intrusion detection system; port scanning attacks; service denial attacks; Communication system control; Computer networks; Engines; Fires; Fuzzy systems; Intrusion detection; Monitoring; Performance analysis; Telecommunication traffic; Transceivers;
Conference_Titel :
IFSA World Congress and 20th NAFIPS International Conference, 2001. Joint 9th
Conference_Location :
Vancouver, BC
Print_ISBN :
0-7803-7078-3
DOI :
10.1109/NAFIPS.2001.943772
