Fuzzy rule interpolation and SNMP-MIB for emerging network abnormality


Abstract

It is difficult to implement an efficient detection approach for Intrusion Detection Systems (IDS), and many factors contribute to this challenge. One such challenge concerns establishing adequate boundaries and finding a proper data source. Typical IDS detection approaches deal with raw traffic. This traffic needs to be studied in depth and thoroughly investigated to extract the required knowledge base. Another challenge involves implementing a binary decision, because there are no reasonable limits between normal and attack traffic patterns. In this paper, we introduce a novel idea capable of supporting the proper data source while avoiding the issues associated with the binary decision. This paper aims to introduce a detection approach for defining abnormality by using Fuzzy Rule Interpolation (FRI) with Simple Network Management Protocol (SNMP) Management Information Base (MIB) parameters. The strength of the proposed detection approach is based on adapting the SNMP-MIB parameters with the FRI. The proposed method eliminates the raw traffic processing component, which is time-consuming and requires extensive computational measures. It also eliminates the need for a complete fuzzy rule-based intrusion definition. The proposed approach was tested and evaluated using an open source SNMP-MIB dataset and obtained a 93% detection rate. Additionally, when compared to other literature in which the same test-bed environment was employed along with the same number of parameters, the proposed detection approach outperformed the support vector machine and neural network. Therefore, combining the SNMP-MIB parameters with FRI-based reasoning could be beneficial for detecting intrusions, even when the fuzzy rule-based intrusion definition is incomplete (not fully defined).


Almseidin, M., Al-kasassbeh, M., & Kovacs, S. (2019). Fuzzy rule interpolation and SNMP-MIB for emerging network abnormality. International Journal on Advanced Science, Engineering and Information Technology, 9(3), 735–744. https://doi.org/10.18517/ijaseit.9.3.7360
