A comparative study of different fuzzy classifiers for Cloud Intrusion Detection Systems' alerts

Saeed M. Alqahtani, R. John
Published in: 2016 IEEE Symposium Series on Computational Intelligence (SSCI)
Publication date: 2016-12-07
DOI: 10.1109/SSCI.2016.7849911 (https://doi.org/10.1109/SSCI.2016.7849911)
Citations: 7

Abstract

Internet use is growing day by day, and Internet traffic is increasing exponentially. Service providers such as web service providers, email service providers, and cloud service providers have to deal with millions of users per second; thus, the level of threat to their growing networks is also very high. Dealing with this many users is a big challenge, but detecting and preventing such threats is even more challenging and vital, because those threats might cause severe loss to the service providers in terms of privacy leakage or unavailability of the services to the users. To address this issue, several Intrusion Detection Systems (IDS) have been developed that differ in their detection capabilities, performance and accuracy. In this study, we use SNORT and SURICATA, two well-known IDS systems that are used worldwide. The aim of this paper is to analytically compare the functionality, operation and capability of these two IDS systems in detecting intrusions and different kinds of cyber-attacks within the MyCloud network. Furthermore, this study proposes a Fuzzy-Logic engine based on these two IDSs in order to enhance the performance and accuracy of the two systems in terms of increased accuracy, specificity and sensitivity and reduced false alarms. Several experiments in this comparative study were conducted using the ISCX dataset; the results show that fuzzy-logic-based IDS outperforms IDS alone, and that the FL-SnortIDS system outperforms FL-SuricataIDS.