Providing a Solution Based on Fuzzy Logic to Reduce False Positive Alarms in the Intrusion Detection System
Subject Areas: Multimedia Processing, Communications Systems, Intelligent Systems
1 - Islamic Azad University, Khorasghan Branch, Isfahan, Iran
Keywords: Computer Networks, Fuzzy Logic, False Alarms, Intrusion Detection System
Abstract:
Introduction: The intrusion detection system is responsible for identifying and detecting unauthorized use of the system from outside, and its misuse or damage by internal users. Intrusion detection systems are therefore built in both software and hardware forms, each of which has its own advantages and disadvantages. The speed and accuracy of hardware systems, and the failure of their security by intruders, are other features of such systems. If the software related to intrusion detection, acceptability, and the difference between different operating systems are used, they give more generality to the software systems. More suitable software systems are chosen.

Method: The behavior of the intrusion detection system against various intrusion methods is discussed. To deal with intrusion into systems and computer networks, several methods have been created under the name of intrusion detection, which monitor the events that occur in a system and in computer networks.

Results: The performance of the intrusion detection system is presented in order to influence the behavior of the abuse detection system as well as anomaly detection using fuzzy logic based on an alpha device. The obtained results showed an accuracy rate of up to 91.26% and detection of false alarms of up to 90.96%.

Discussion: An intrusion detection system is essential as the first line of defense for the network. Many algorithms depend on the quality of the data set provided for intrusion detection. In recent developments in knowledge data collection access systems, there has been an increase in interest in data-driven approaches to curb the increase in control system cyber-attacks related to false alarms. Most machine learning-based intrusion detection systems rely on web applications/operating systems or network layers to detect targeted attacks by host or network. Nevertheless, there is still a lack of sufficient research in the evaluation and collection of intrusion detection system datasets for false alarm behaviors, which requires further studies in this field.