A fuzzy based clustering for intrusion detection

Other titles

Fuzzy clustering for intrusion detection

Thesis author

al-Mallah, Sumayyah Sad Sulayman

Thesis advisor

Hamid, Sarab Majid

Committee members

Abd Allah, Nada Abd al-Zahrah
Saghir, Ali M.
al-Ubaydi, Ahmad Tariq Sadiq

University

University of Baghdad

College

College of Science

Academic department

Department of Computer Science

University country

Iraq

Degree

Master's

Degree date

2012

English abstract

Along with the revolution in communication and information exchange, the Internet has also provided greater opportunity for disruption and sabotage of data that was previously considered secure.

As malicious intrusions into computer systems have become a growing problem, the need to detect these intrusions accurately has risen.

Intrusion detection has become an increasingly important technology that monitors network traffic and identifies unauthorized use, misuse and abuse of computer systems.

Because the boundaries between normal and abnormal behaviors in computer systems cannot be well defined, these behaviors are hard to predict, and this has led detection systems to produce many false alarms; fuzzy intrusion detection was therefore used.

One of the limitations of the existing fuzzy intrusion detection approaches is the use of numeric features only, which may reduce the ability of the detection approach to discriminate intrusions from normal behavior.

The goal of this research is to classify patterns of network traffic packets into two categories, normal and abnormal (intrusive), by combining a numeric-fuzzy approach and a symbolic-fuzzy approach into one approach known as the extended fuzzy intrusion detection approach.

Furthermore, the information gain algorithm is utilized to search for the features with the highest discriminatory power.

Based on the selected features, the intrusion detection approach is used for clustering.

To show the applicability of the proposed intrusion detection approach, the Knowledge Discovery and Data mining (KDD) cup dataset, which is considered a benchmark for evaluating security detection mechanisms, is used in the experiments.

The performance of the presented intrusion detection model is analyzed and compared with two approaches, namely C4.5 and Iterative Dichotomiser 3 (ID3).

The results show that the presented intrusion detection model provides a good intrusion detection mechanism, with a high detection rate reaching 99.8% and low false alarms reaching 0.0009, outperforming C4.5 and ID3.

Main subjects

Mathematics
Information Technology and Computer Science

Topics

Number of pages

103

List of contents

Table of contents.

Abstract.

Abstract in Arabic.

Chapter One : Overview.

Chapter Two : Intrusion detection and fuzzy clustering.

Chapter Three : Extended fuzzy clustering model for intrusion detection.

Chapter Four : Experimental results.

Chapter Five : Conclusions and future work.

References.

American Psychological Association (APA) citation style

al-Mallah, Sumayyah Sad Sulayman. (2012). A fuzzy based clustering for intrusion detection. (Master's theses Theses and Dissertations Master). University of Baghdad, Iraq
https://search.emarefa.net/detail/BIM-605432

Modern Language Association (MLA) citation style

al-Mallah, Sumayyah Sad Sulayman. A fuzzy based clustering for intrusion detection. (Master's theses Theses and Dissertations Master). University of Baghdad. (2012).
https://search.emarefa.net/detail/BIM-605432

American Medical Association (AMA) citation style

al-Mallah, Sumayyah Sad Sulayman. (2012). A fuzzy based clustering for intrusion detection. (Master's theses Theses and Dissertations Master). University of Baghdad, Iraq
https://search.emarefa.net/detail/BIM-605432

Text language

English

Data type

Theses

Record ID

BIM-605432