Application of dynamic fuzzy rule interpolation for intrusion detection: D-FRI-Snort

Nitin Naik, Ren Diao, Qiang Shen

Research output: Chapter in Book/Published conference output › Conference publication

Abstract

Application of fuzzy rule interpolation (FRI) has been escalating for making intelligent systems viable in many areas. However, requirements of such systems may change over time and the supporting static rule base may not be able to provide accurate interpolation results in the long run. Dynamic fuzzy rule interpolation (D-FRI) is one of the potential solutions for this problem, and as such has been developed in the last few years to fulfil the requirements of dynamic and pertinent rule bases for intelligent systems. Nevertheless, applications of the proposed D-FRI approach need further investigation. One potential application is in network security, which is one of the biggest concerns of any organisation irrespective of its size and nature of business. Intrusion detection systems (IDSs) are considered one of the most popular and effective security tools for generating alerts to system or network administrators to inform them of possible or existing threats. A standard IDS may not be very effective, or may even be unsuitable, for an organisation's or individual's requirements. This paper presents an application of D-FRI for building an effective IDS. In this implementation, the most popular open source IDS, Snort, is used and the resultant intelligent IDS is named D-FRI-Snort. Experimental analysis shows that the integration of D-FRI with the IDS Snort provides an additional level of intelligence to predict the level/sensitivity of possible threats. It also provides a dynamic rule base by promoting new rules based on the current network traffic conditions, which helps Snort to reduce both false positives and false negatives.

Original language: English
Title of host publication: 2016 IEEE International Conference on Fuzzy Systems, FUZZ-IEEE 2016
Publisher: IEEE
Pages: 78-85
Number of pages: 8
ISBN (Electronic): 9781509006250
Publication status: Published - 7 Nov 2016
Event: 2016 IEEE International Conference on Fuzzy Systems, FUZZ-IEEE 2016 - Vancouver, Canada
Duration: 24 Jul 2016 → 29 Jul 2016

Publication series

Name: 2016 IEEE International Conference on Fuzzy Systems, FUZZ-IEEE 2016

Conference

Conference: 2016 IEEE International Conference on Fuzzy Systems, FUZZ-IEEE 2016
Country: Canada
City: Vancouver
Period: 24/07/16 → 29/07/16

Bibliographical note

Publisher Copyright:
© 2016 IEEE.

Copyright:
Copyright 2017 Elsevier B.V., All rights reserved.

Keywords

  • D-FRI
  • D-FRI-Snort
  • FRI
  • IDS
  • IPS
  • Snort
