IMPLEMENTATION OF A HYBRID INTRUSION DETECTION SYSTEM USING FUZZYJESS

Aly El–Semary, Janica Edmonds, Jesús González, Mauricio Papa

Abstract

This paper describes an implementation of a fuzzy inference engine that is part of a Hybrid Fuzzy Logic Intrusion Detection System. A data-mining algorithm is used offline to capture features of interest in network traffic and produce fuzzy-logic rules. Using an inference engine, the intrusion detection system evaluates these rules and gives network administrators indications of the firing strength of the ruleset. The inference engine implementation is based on the Java Expert System Shell (Jess) from Sandia National Laboratories and FuzzyJess available from the National Research Council of Canada. Examples and experimental results using data sets from MIT Lincoln Laboratory demonstrate the potential of the approach.



Paper Citation


in Harvard Style

El–Semary A., Edmonds J., González J. and Papa M. (2005). IMPLEMENTATION OF A HYBRID INTRUSION DETECTION SYSTEM USING FUZZYJESS. In Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 2: ICEIS, ISBN 972-8865-19-8, pages 390-393. DOI: 10.5220/0002524203900393


in Bibtex Style

@conference{iceis05,
author={Aly El–Semary and Janica Edmonds and Jesús González and Mauricio Papa},
title={IMPLEMENTATION OF A HYBRID INTRUSION DETECTION SYSTEM USING FUZZYJESS},
booktitle={Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 2: ICEIS,},
year={2005},
pages={390-393},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002524203900393},
isbn={972-8865-19-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 2: ICEIS,
TI - IMPLEMENTATION OF A HYBRID INTRUSION DETECTION SYSTEM USING FUZZYJESS
SN - 972-8865-19-8
AU - El–Semary A.
AU - Edmonds J.
AU - González J.
AU - Papa M.
PY - 2005
SP - 390
EP - 393
DO - 10.5220/0002524203900393