Title :
The intrusion detection system based on fuzzy association rules mining
Author_Institution :
North China Inst. of Sci. & Technol., Beijing-East, China
Abstract :
In this paper, we integrate fuzzy association rules to design and implement an abnormal network intrusion detection system. Since the association rules used in traditional information detection cannot effectively deal with changes in network behavior, introducing the concept of fuzzy association rules to strengthen adaptability better meets the actual needs of abnormal detection. This paper mainly focuses on the study of Denial of Service (DOS). According to the experimental results, our system can correctly identify all DOS attacks in the test after appropriate adjustment of system parameters. Moreover, the experiment also shows that our system would not produce false positives under circumstances such as a large amount of instantaneous normal FTP packet flow. In addition, if the source of an attacker can be determined, the system will also be able to promptly inform the firewall to alter its rules and cut off the connection.
Keywords :
authorisation; data mining; fuzzy systems; adaptability; denial of service; firewall; fuzzy association rules mining; information detection; intrusion detection system; normal packet flow; system parameters; Association rules; Computer crime; Data mining; Electronic mail; Fuzzy systems; Intrusion detection; Itemsets; Protection; Real time systems; Transaction databases; association Rules; denial-of-service attack; fuzzy association rules; fuzzy theory; network security;
Conference_Title :
Computer Engineering and Technology (ICCET), 2010 2nd International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-6347-3
DOI :
10.1109/ICCET.2010.5485674