Anomaly and misuse intrusion detection model : using neuro-fuzzy logic.

Abstract

Intrusion detection systems are increasingly a key part of systems defense. Various approaches to intrusion detection are currently being used, but they are relatively ineffective. A major concern of existing anomaly intrusion detection approaches is that they tend to produce excessive false alarms. One reason for this is that the normal and abnormal behaviour of a monitored object can overlap or be very close to each other which makes it difficult to define a clear boundary between the two. This thesis presents a fuzzy logic model for misuse and access intrusion detection where instead of using crisp conditions, or fixed thresholds, fuzzy sets are used to represent the parameter space as defined by a human expert. This is implemented using a neuro-fuzzy system which is a high breed system combining