A Rough-Fuzzy Hybrid Algorithm for Computer Intrusion Detection


Witcha Chimphlee1, Abdul Hanan Abdullah2, Mohd Noor Md Sap2, Siriporn Chimphlee1, and Surat Srinoy1

1Faculty of Science and Technology, Suan Dusit Rajabhat University, Thailand

2Faculty of Computer Science and Information Systems, University Technology of Malaysia, Malaysia 

Abstract: In this paper, we propose an intrusion detection method that combines rough set theory and fuzzy c-means for anomaly detection. The first step is attribute selection based on rough set theory, in which the relevant attributes are identified for each of the 5 classes of intrusions in the Defense Advanced Research Projects Agency (DARPA) data. The next phase is clustering using fuzzy c-means; we use rough sets for cleaning and for filtering out redundant, spurious information. Fuzzy c-means allows objects to belong to several clusters simultaneously, with different degrees of membership. Our method is an accurate model for handling complex attack patterns in large networks. We used the data set from the 1999 Knowledge Discovery and Data Mining (KDD) intrusion detection contest. The main goal of this paper is to apply this method to increase the efficiency of a given intrusion detection model, to reduce the data set by looking for overlapping categories, and to filter in the desired ones.

Keywords: Network security, intrusion detection system, anomaly detection, rough sets, fuzzy c-means. 

Received December 31, 2005; accepted June 28, 2006
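
The two phases named in the abstract, as an added Python illustration that is not the authors' code: a rough-set step drops attributes that are not needed to tell the classes apart, then fuzzy c-means assigns graded memberships on what remains. The records, column names, the greedy reduct strategy and the seed centres are assumptions made for this sketch.

```python
# Added illustration: rough-set attribute reduction, then fuzzy c-means.
# Records are constructed, with features already discretised to small integers.
# Columns (hypothetical names): duration, src_bytes, conn_count, flag_constant
ROWS = [  # (features, label)
    ((0, 1, 0, 1), "normal"), ((0, 0, 1, 1), "normal"), ((1, 1, 0, 1), "normal"),
    ((0, 8, 9, 1), "attack"), ((1, 9, 8, 1), "attack"), ((0, 9, 9, 1), "attack"),
    ((1, 5, 4, 1), "normal"),  # borderline record between the two groups
]

def consistent(rows, attrs):
    """True if records indiscernible on attrs always carry the same label."""
    seen = {}
    for feats, label in rows:
        key = tuple(feats[a] for a in attrs)
        if seen.setdefault(key, label) != label:
            return False
    return True

def reduct(rows):
    """Greedy reduct: drop every attribute whose removal keeps the table consistent."""
    attrs = list(range(len(rows[0][0])))
    for a in list(attrs):
        rest = [x for x in attrs if x != a]
        if rest and consistent(rows, rest):
            attrs = rest
    return attrs

def fcm(points, centers, m=2.0, iters=50):
    """Fuzzy c-means with fuzzifier m; returns (centers, memberships)."""
    n, dims = len(points), len(points[0])
    for _ in range(iters):
        u = []
        for p in points:
            # Euclidean distance to each centre, floored to avoid division by zero.
            d = [max(sum((x - c) ** 2 for x, c in zip(p, ctr)) ** 0.5, 1e-9)
                 for ctr in centers]
            u.append([1.0 / sum((di / dk) ** (2 / (m - 1)) for dk in d) for di in d])
        # Each centre becomes the membership-weighted mean of all points.
        centers = [[sum(u[i][j] ** m * points[i][k] for i in range(n)) /
                    sum(u[i][j] ** m for i in range(n)) for k in range(dims)]
                   for j in range(len(centers))]
    return centers, u

def run():
    keep = reduct(ROWS)                        # attribute indices that survive
    pts = [[f[a] for a in keep] for f, _ in ROWS]
    _, u = fcm(pts, [pts[0], pts[3]])          # one seed centre per group
    return keep, u

if __name__ == "__main__":
    keep, u = run()
    print("kept attributes:", keep)
    for (feats, label), row in zip(ROWS, u):
        print(feats, label, [round(x, 3) for x in row])
```

On this constructed table the reduct keeps a single attribute, and the borderline record receives a split membership while the other records sit almost entirely in one cluster.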
Last modified on Wednesday, 20 January 2010 02:42