A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers

Adel Nadjaran Toosi, Mohsen Kahani

Research output: Contribution to journalArticleResearchpeer-review

Abstract

An intrusion detection system's main goal is to classify activities of a system into two major categories: normal and suspicious (intrusive) activities. Intrusion detection systems usually specify the type of attack or classify activities in some specific groups. The objective of this paper is to incorporate several soft computing techniques into the classifying system to detect and classify intrusions from normal behaviors based on the attack type in a computer network. Among the several soft computing paradigms, neuro-fuzzy networks, fuzzy inference approach and genetic algorithms are investigated in this work. A set of parallel neuro-fuzzy classifiers are used to do an initial classification. The fuzzy inference system would then be based on the outputs of neuro-fuzzy classifiers, making final decision of whether the current activity is normal or intrusive. Finally, in order to attain the best result, genetic algorithm optimizes the structure of our fuzzy decision engine. The experiments and evaluations of the proposed method were performed with the KDD Cup 99 intrusion detection dataset.

Original languageEnglish
Pages (from-to)2201-2212
Number of pages12
JournalComputer Communications
Volume30
Issue number10
DOIs
Publication statusPublished - 31 Jul 2007
Externally publishedYes

Keywords

  • Fuzzy
  • Genetic algorithm
  • Intrusion detection
  • KDD Cup 99
  • Neuro-fuzzy
  • Soft computing

Cite this

@article{c4258c17c0594e528ff98fb8e3c31809,
title = "A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers",
abstract = "An intrusion detection system's main goal is to classify activities of a system into two major categories: normal and suspicious (intrusive) activities. Intrusion detection systems usually specify the type of attack or classify activities in some specific groups. The objective of this paper is to incorporate several soft computing techniques into the classifying system to detect and classify intrusions from normal behaviors based on the attack type in a computer network. Among the several soft computing paradigms, neuro-fuzzy networks, fuzzy inference approach and genetic algorithms are investigated in this work. A set of parallel neuro-fuzzy classifiers are used to do an initial classification. The fuzzy inference system would then be based on the outputs of neuro-fuzzy classifiers, making final decision of whether the current activity is normal or intrusive. Finally, in order to attain the best result, genetic algorithm optimizes the structure of our fuzzy decision engine. The experiments and evaluations of the proposed method were performed with the KDD Cup 99 intrusion detection dataset.",
keywords = "Fuzzy, Genetic algorithm, Intrusion detection, KDD Cup 99, Neuro-fuzzy, Soft computing",
author = "Toosi, {Adel Nadjaran} and Mohsen Kahani",
year = "2007",
month = "7",
day = "31",
doi = "10.1016/j.comcom.2007.05.002",
language = "English",
volume = "30",
pages = "2201--2212",
journal = "Computer Communications",
issn = "0140-3664",
publisher = "Elsevier",
number = "10",

}

A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers. / Toosi, Adel Nadjaran; Kahani, Mohsen.

In: Computer Communications, Vol. 30, No. 10, 31.07.2007, p. 2201-2212.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers

AU - Toosi, Adel Nadjaran

AU - Kahani, Mohsen

PY - 2007/7/31

Y1 - 2007/7/31

N2 - An intrusion detection system's main goal is to classify activities of a system into two major categories: normal and suspicious (intrusive) activities. Intrusion detection systems usually specify the type of attack or classify activities in some specific groups. The objective of this paper is to incorporate several soft computing techniques into the classifying system to detect and classify intrusions from normal behaviors based on the attack type in a computer network. Among the several soft computing paradigms, neuro-fuzzy networks, fuzzy inference approach and genetic algorithms are investigated in this work. A set of parallel neuro-fuzzy classifiers are used to do an initial classification. The fuzzy inference system would then be based on the outputs of neuro-fuzzy classifiers, making final decision of whether the current activity is normal or intrusive. Finally, in order to attain the best result, genetic algorithm optimizes the structure of our fuzzy decision engine. The experiments and evaluations of the proposed method were performed with the KDD Cup 99 intrusion detection dataset.

AB - An intrusion detection system's main goal is to classify activities of a system into two major categories: normal and suspicious (intrusive) activities. Intrusion detection systems usually specify the type of attack or classify activities in some specific groups. The objective of this paper is to incorporate several soft computing techniques into the classifying system to detect and classify intrusions from normal behaviors based on the attack type in a computer network. Among the several soft computing paradigms, neuro-fuzzy networks, fuzzy inference approach and genetic algorithms are investigated in this work. A set of parallel neuro-fuzzy classifiers are used to do an initial classification. The fuzzy inference system would then be based on the outputs of neuro-fuzzy classifiers, making final decision of whether the current activity is normal or intrusive. Finally, in order to attain the best result, genetic algorithm optimizes the structure of our fuzzy decision engine. The experiments and evaluations of the proposed method were performed with the KDD Cup 99 intrusion detection dataset.

KW - Fuzzy

KW - Genetic algorithm

KW - Intrusion detection

KW - KDD Cup 99

KW - Neuro-fuzzy

KW - Soft computing

UR - http://www.scopus.com/inward/record.url?scp=34447639073&partnerID=8YFLogxK

U2 - 10.1016/j.comcom.2007.05.002

DO - 10.1016/j.comcom.2007.05.002

M3 - Article

VL - 30

SP - 2201

EP - 2212

JO - Computer Communications

JF - Computer Communications

SN - 0140-3664

IS - 10

ER -