An Architecture for Host-Based Intrusion Detection Systems using Fuzzy Logic
Intrusion Detection Systems (IDSs) are key parts of computer system defences, used to detect malicious activities or policy violations and to produce reports to a management station. In this paper, we propose a host-based IDS that detects intrusions using a fuzzy logic approach. The novelty of our proposed system is that multiple features are extracted for each session in order to identify attacks, and fuzzy inference expert systems are then used to detect intrusion. The selected features are extracted from system call arguments and used to detect the buffer overflow attack on UNIX systems. Because exact values for these features are difficult to specify, a fuzzy inference expert system is used to detect intrusion. The features extracted from the audit trail relate to the different stages of the attack scenario, so the output of the proposed system is suitable for forensic investigation. Our Host-based Intrusion Detection System (HIDS) is tested experimentally against the DARPA 98 and 99 intrusion detection datasets. A comparison with other learning-based approaches is performed. The final results show that our system is efficient.
Keywords
Network Security, Buffer Overflow Attack, Host-Based IDS, Fuzzy Intrusion Detection, Fuzzy Logic.