Hybrid fuzzy and neural network for intrusion detection system

Abstract EN

Along with the development and growth of the internet network, there is an increasing needed to use protection systems such as intrusion classification and detection systems that protect computer and network from attacks and unauthorized access.

Fuzzy c-means (FCM), neural network (counterpropagation network CPN, and a new method that called it (Fuzzy counterpropagation network FCPN) algorithms were applied using kdd cup 99 and NSL-KDD which is a new version of kdd cup 99 dataset to classify this dataset into 5 classes or clusters one for normal traffic nd others classes for the main types of attacks.

Another type of classification is made on the dataset it was classified into 2 classes one for normal and other for types of attacks and detect a new attack(abnormal).

Each cluster will contain dataset more similar to each other within cluster and difference from that in the other clusters.

(10% kdd) file from kdd cup 99 was taken in the training stage that contain (494020) records and (corrected kdd) file that contain (311029) records in testing stage.

From NSL-KDD was taken (NSL-KDDTrain) file that contain (125973) records used in training stage and (NSL-KDDTest) file that contain (22544) records in testing stage.

Classification rate, Detection rate, and false alarm rate were computed.

Finally the classification rate obtained is (100%) for FCM, CPN, FCPN algorithms in training stage.

With got higher DR(100%) for FCPN to kdd cup 99, and (99.703) is the DR obtained for FCPN to NSL-KDD in testing.

and then were made comparisons between results obtained after applying the algorithms on this dataset.