Dynamic fuzzy rule interpolation and its application to intrusion detection

Nitin Naik, Ren Diao, Qiang Shen

Research output: Contribution to journalArticlepeer-review

Abstract

Fuzzy rule interpolation (FRI) offers an effective approach for making inference possible in sparse rule-based systems (and also for reducing the complexity of fuzzy models). However, requirements of fuzzy systems may change over time and hence, the use of a static rule base may affect the accuracy of FRI applications. Fortunately, an FRI system in action will produce interpolated rules in abundance during the interpolative reasoning process. While such interpolated results are discarded in existing FRI systems, they can be utilized to facilitate the development of a dynamic rule base in supporting subsequent inference. This is because the otherwise relinquished interpolated rules may contain possibly valuable information, covering regions that were uncovered by the original sparse rule base. This paper presents a dynamic fuzzy rule interpolation (D-FRI) approach by exploiting such interpolated rules in order to improve the overall system's coverage and efficacy. The resulting D-FRI system is able to select, combine, and generalize informative, frequently used interpolated rules for merging with the existing rule base while performing interpolative reasoning. Systematic experimental investigations demonstrate that D-FRI outperforms conventional FRI techniques, with increased accuracy and robustness. Furthermore, D-FRI is herein applied for network security analysis, in devising a dynamic intrusion detection system (IDS) through integration with the Snort software, one of the most popular open source IDSs. This integration, denoted as D-FRI-Snort hereafter, delivers an extra amount of intelligence to predict the level of potential threats. Experimental results show that with the inclusion of a dynamic rule base, by generalising newly interpolated rules based on the current network traffic conditions, D-FRI-Snort helps reduce both false positives and false negatives in intrusion detection.
Original languageEnglish
Pages (from-to)1878-1892
Number of pages15
JournalIEEE Transactions on Fuzzy Systems
Volume26
Issue number4
Publication statusPublished - 4 Dec 2017

Bibliographical note

© 2017 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution
requires IEEE permission. See http://www.ieee.org/publications standards/publications/rights/index.html for more information.

Keywords

  • Dynamic Fuzzy Rule Interpolation
  • D-FRI
  • Intrusion Detection System
  • IDS
  • Fuzzy Rule Base

Fingerprint Dive into the research topics of 'Dynamic fuzzy rule interpolation and its application to intrusion detection'. Together they form a unique fingerprint.

Cite this