Exploiting Timed Automata-based Fuzzy Controllers and data mining to detect computer network intrusions

Abstract

A Network Intrusion Detection System is a network monitoring framework that tries to detect malicious network activity such as port scans, denial of service or other attempts to crack computer network environments. The main aim of intrusion detection is to identify unauthorized use, misuse, and abuse of computers by external penetrators. In real life, however, temporal changes in network intrusion patterns and characteristics tend to invalidate the usability of existing intrusion detection systems. In order to solve this drawback, our paper introduces a novel kind of fuzzy controller, known as Timed Automata-based Fuzzy Controllers, and it presents a data mining approach able to learn the most suitable controller that manages, in efficient way, the computer network dynamism and support networks' administrators to prevent eventual damages coming from unauthorized network intrusion.