Improving Intrusion Detection by the Automated Generation of Detection Rules

Abdulrazaq Almutairi, David Parish
2014 International Journal of Intelligent Computing Research  
instances and this has high precedence over a slightly better training model created using two classes model creation strategy. The second stage of the proposed model (reasoning mechanism) was built using a hybrid approach. The hybrid approach in this paper uses both neural network and fuzzy logic. The benefit of using the hybrid approach is increasing the intrusion detection rate, some of attacks may not be detected by one of the modules but the other one may be able to detect them. The
more » ... obtained by this approach achieves a higher detection rate than both the neural network and fuzzy logic each one individually. However, it has a higher false positive rate. Future Work For the next phase of research work, the authors are working on decreasing the false positive rate of the reasoning mechanism by trying a different neural network structure, and different membership functions in the fuzzy module. The authors will also consider developing the proposed model to handle multi-stage attacks by analysing and modelling different multi-stage attacks scenarios. References [1] H.-J. Liao, et al., "Intrusion detection system: A comprehensive review,
doi:10.20533/ijicr.2042.4655.2014.0062 fatcat:lojivs5t3jentmw4qrd2t75uf4