Fuzzy - neuro algorithm applied to intrusion detection system

number: 
1779
إنجليزية
Degree: 
Author: 
Dr. Salam A. Ismaeel
Supervisor: 
Dr. Salam A. Ismaeel
year: 
2008
Abstract:

The aim of this thesis is to propose and investigate adaptive fuzzy neural network based intelligent intrusion detection system that can promptly detect attacks. An Anomaly based intrusion detection system needs to be able to learn user's or system's behavior because users and systems behavior changes over time in today's dynamic environment. This work is experimenting with user's behavior as parameters in anomaly intrusion detection. There are several methods to assist intrusion detection to learn user's behavior. The proposed intrusion detection system in this thesis uses a back propagation neural network to learn user's behavior. This work, addresses if adaptive fuzzy-neural network is able to classify normal behavior correctly, and detect known and unknown attacks without using a huge amount of training data. 108 sessions of traffic are used here for the training of the adaptive system. Out of these there are 58 sessions with normal traffic and 50 sessions with attacks. The experiments were separated into three parts. The first preliminary experiment was conducted to see when the fuzzy-neural network was properly trained to classify sessions correctly. In this experiment both known and unknown attacks were used. The next experiment was conducted to test the fuzzy- neural network with a small traffic, known and unknown attacks. Unknown attacks are the most threatening attacks, because one dose not know what to expect from these attacks. In the final experiment, a classification rate of 82% was obtained on known attacks. Compared with two other researches where they got classification rates of 77.3% and 80%, the results of our experiments seems to be very promising.