Fuzzy clustering of network traffic features for security

The proliferation of computer networks and the interconnection of networks via the Internet, has drastically increased their vulnerability to attack by malicious agents. The wide variety of attack modes has exacerbated the problem in detecting attacks. Many current intrusion detection systems (IDS) are unable to identify unknown or mutated attack modes or are unable to operate in a dynamic environment as is necessary with mobile networks. As a result, it has become increasingly important to find new ways to implement and manage intrusion detection systems. This paper presents a novel approach to intrusion detection using fuzzy clustering of TCP packet attributes. The method is shown to provide superior performance in comparison to evolutionary approaches. In addition, the method demonstrates improved robustness in comparison to other fuzzy clustering techniques.