A fuzzy based clustering for intrusion detection

Other Title(s)

Fuzzy clustering for intrusion detection

Dissertant

al-Mallah, Sumayyah Sad Sulayman

Thesis advisor

Hamid, Sarab Majid

Committee Members

Abd Allah, Nada Abd al-Zahrah
Saghir, Ali M.
al-Ubaydi, Ahmad Tariq Sadiq

University

University of Baghdad

Faculty

College of Science

Department

Department of Computer Science

University Country

Iraq

Degree

Master

Degree Date

2012

English Abstract

Along with the revolution in communication and information exchange, the Internet has also provided greater opportunity for disruption and sabotage of data that was previously considered secure.

As malicious intrusions into computer systems have become a growing problem, the need to detect these intrusions accurately has grown.

Intrusion detection has become an increasingly important technology that monitors network traffic and identifies unauthorized use, misuse and abuse of computer systems.

Normal and abnormal behaviors in computer systems are hard to predict because the boundaries between them cannot be well defined, and this leads the detection system to produce many false alarms; for this reason, fuzzy intrusion detection was used.

One of the limitations of the existing fuzzy intrusion detection approaches is that they use numeric features only, which may reduce the ability of the detection approach to discriminate intrusions from normal behavior.

The goal of this research is to classify patterns of network traffic packets into two categories, normal and abnormal (intrusive), by combining the numeric-fuzzy approach and the symbolic-fuzzy approach into one approach known as the extended fuzzy intrusion detection approach.

Furthermore, the information gain algorithm is utilized to search for the features with the highest discriminatory power.

Based on the selected features, the intrusion detection approach is used for clustering.

To show the applicability of the proposed intrusion detection approach, the Knowledge Discovery and Data Mining (KDD) Cup dataset, which is considered a benchmark for evaluating security detection mechanisms, is used in the experiments.

The performance of the presented intrusion detection model is analyzed and compared with two approaches, namely C4.5 and Iterative Dichotomiser 3 (ID3).

The results show that the presented intrusion detection model provides a good intrusion detection mechanism, with a high detection rate attaining 99.8% and low false alarms reaching 0.0009, and that it outperforms C4.5 and ID3.

Main Subjects

Mathematics
Information Technology and Computer Science

No. of Pages

103

Table of Contents

Table of contents.

Abstract.

Abstract in Arabic.

Chapter One : Overview.

Chapter Two : Intrusion detection and fuzzy clustering.

Chapter Three : Extended fuzzy clustering model for intrusion detection.

Chapter Four : Experimental results.

Chapter Five : Conclusions and future work.

References.

American Psychological Association (APA)

al-Mallah, Sumayyah Sad Sulayman. (2012). A fuzzy based clustering for intrusion detection. (Master's theses Theses and Dissertations Master). University of Baghdad, Iraq
https://search.emarefa.net/detail/BIM-605432

Modern Language Association (MLA)

al-Mallah, Sumayyah Sad Sulayman. A fuzzy based clustering for intrusion detection. (Master's theses Theses and Dissertations Master). University of Baghdad. (2012).
https://search.emarefa.net/detail/BIM-605432

American Medical Association (AMA)

al-Mallah, Sumayyah Sad Sulayman. (2012). A fuzzy based clustering for intrusion detection. (Master's theses Theses and Dissertations Master). University of Baghdad, Iraq
https://search.emarefa.net/detail/BIM-605432

Language

English

Data Type

Arab Theses

Record ID

BIM-605432