{"title":"An improved algorithm for fuzzy data mining for intrusion detection","authors":"German Florez, S. Bridges, R. Vaughn","doi":"10.1109/NAFIPS.2002.1018103","DOIUrl":null,"url":null,"abstract":"We have been using fuzzy data mining techniques to extract patterns that represent normal behavior for intrusion detection. We describe a variety of modifications that we have made to the data mining algorithms in order to improve accuracy and efficiency. We use sets of fuzzy association rules that are mined from network audit data as models of \"normal behavior.\" To detect anomalous behavior, we generate fuzzy association rules from new audit data and compute the similarity with sets mined from \"normal\" data. If the similarity values are below a threshold value, an alarm is issued. We describe an algorithm for computing fuzzy association rules based on Borgelt's (2001) prefix trees, modifications to the computation of support and confidence of fuzzy rules, a new method for computing the similarity of two fuzzy rule sets, and feature selection and optimization with genetic algorithms. Experimental results demonstrate that we can achieve better running time and accuracy with these modifications.","PeriodicalId":348314,"journal":{"name":"2002 Annual Meeting of the North American Fuzzy Information Processing Society Proceedings. NAFIPS-FLINT 2002 (Cat. No. 02TH8622)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2002-08-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"127","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2002 Annual Meeting of the North American Fuzzy Information Processing Society Proceedings. NAFIPS-FLINT 2002 (Cat. No. 02TH8622)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NAFIPS.2002.1018103","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 127
Abstract
We have been using fuzzy data mining techniques to extract patterns that represent normal behavior for intrusion detection. We describe a variety of modifications that we have made to the data mining algorithms in order to improve accuracy and efficiency. We use sets of fuzzy association rules that are mined from network audit data as models of "normal behavior." To detect anomalous behavior, we generate fuzzy association rules from new audit data and compute the similarity with sets mined from "normal" data. If the similarity values are below a threshold value, an alarm is issued. We describe an algorithm for computing fuzzy association rules based on Borgelt's (2001) prefix trees, modifications to the computation of support and confidence of fuzzy rules, a new method for computing the similarity of two fuzzy rule sets, and feature selection and optimization with genetic algorithms. Experimental results demonstrate that we can achieve better running time and accuracy with these modifications.