An Architecture for Host-based Intrusion Detection Systems using Fuzzy Logic

Journal of Network and Information Security

Volume 2 Issue 2

Published: 2014
Author(s) Name: Maryam Rostamipour, Babak Sadeghiyan | Author(s) Affiliation: Dept of Computer Engg and Information Tech, Amirkabir University of Technology, Tehran, Iran.

Abstract

Intrusion Detection Systems (IDSs) are key parts of computer system defences, used to detect malicious activities or policy violations and to produce reports to a management station. In this paper, we propose a host-based IDS that detects intrusions using a fuzzy logic approach. The novelty of our proposed system is that multiple features are extracted for each session in order to identify attacks, and fuzzy inference expert systems are then used to detect intrusion. The selected features are extracted from system call arguments and used to detect buffer overflow attacks in UNIX systems. Because exact values for these features are difficult to specify, a fuzzy inference expert system is used to detect intrusion. The features extracted from the audit trail relate to the different stages of the attack scenario, so the output of the proposed system is suitable for forensic investigation. Our Host-based Intrusion Detection System (HIDS) is tested experimentally against the DARPA 98 and 99 intrusion detection datasets. A comparison with other learning-based approaches is performed. The final results show that our system is efficient.

Keywords: Network Security, Buffer Overflow Attack, Host-based IDS, Fuzzy Intrusion Detection, Fuzzy Logic
