Skip to main content
SpringerLink
Log in

Fuzzy Rule-Base Based Intrusion Detection System on Application Layer

  • Conference paper
Recent Trends in Network Security and Applications (CNSA 2010)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 89))

Included in the following conference series:

Abstract

The objective of this paper is to develop a Fuzzy Rule-Base Based Intrusion Detection System on Application Layer which works in the application layer of the network stack. FASIDS consist of semantic IDS and Fuzzy based IDS. Rule based IDS looks for the specific pattern which is defined as malicious. A non-intrusive regular pattern can be malicious if it occurs several times with a short time interval. At application layer, HTTP traffic’s header and payload are analyzed for possible intrusion. In the proposed misuse detection module, the semantic intrusion detection system works on the basis of rules that define various application layer misuses that are found in the network. An attack identified by the IDS is based on a corresponding rule in the rule-base. An event that doesn’t make a ‘hit’ on the rule-base is given to a Fuzzy Intrusion Detection System (FIDS) for further analysis.

In a Rule-based intrusion detection system, an attack can either be detected if a rule is found in the rule base or goes undetected if not found. If this is combined with FIDS, the intrusions went undetected by RIDS can further be detected. These non-intrusive patterns are checked by the fuzzy IDS for a possible attack. The non-intrusive patterns are normalized and converted as linguistic variable in fuzzy sets. These values are given to Fuzzy Cognitive Mapping (FCM). If there is any suspicious event, then it generates an alarm to the client/ server. Results show better performance in terms of the detection rate and the time taken to detect. The detection rate is increased with reduction in false positive rate for a specific attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abbes, T., Bouhoula, A., Rusinowitch, M.: Protocol Analysis in Intrusion Detection Using Decision Tree. In: The Proceedings of International Conference on Information Technology: Coding and Computing (ITCC 2004). IEEE, Los Alamitos (2004)

    Google Scholar 

  2. Siraj, A., Bridges, S.M., Vaughn, R.B.: Fuzzy Cognitive Maps For Decision Support in an Intelligent Intrusion Detection System. In: The Proceedings of 20th International Conference of North American Fuzzy Information (NAFIPS), vol. 4, pp. 2165–2170 (2001)

    Google Scholar 

  3. Brubaker, D.: Fuzzy cognitive maps, EDN access (1996)

    Google Scholar 

  4. Carvalho, J.P., Tome, J.A.B.: Rule-based fuzzy cognitive maps and fuzzy cognitive maps – a comparative study. In: The Proceedings of the 18th International Conference of the North American Fuzzy Information (NAFIPS), pp. 115–119 (1999)

    Google Scholar 

  5. Sangeetha, S., Vaidehi, V., Srinivasan, N.: Implementation of Application Layer Intrusion Detection System using Protocol Analysis. In: Proceedings of International Conference on Signal Processing, Networking and Communications, ICSCN 2008, pp. 279–284 (2008)

    Google Scholar 

  6. Bellamy Jr., W.: TCP Port 80 - HyperText Transfer Protocol (HTTP) Header Exploitation (2002), http://Cgisecurity.com

  7. Hallaraker, O., Vigna, G.: Detecting malicious JavaScript code in Mozilla. In: The Proceedings of the 10th International Conference on Engineering of Complex Computer Systems (ICECCS 2005), pp. 85–94 (2005)

    Google Scholar 

  8. Krugel, C., Toth, T.: Using decision trees to improve signature-based intrusion detection. In: Vigna, G., Krügel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 173–191. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Bridges, S.M., Vaughn, R.B., Siraj, A.: AI Techniques Applied to High Performance Computing Intrusion Detection. In: Proceeding of the Tenth International Conference on Telecommunication Systems, Modeling and Analysis, Monterey CA, vol. 2, pp. 100–114 (2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of CSE, Angel College of Engineering and Technology, Tirupur

    S. Sangeetha, S. Haripriya, S. G. Mohana Priya, V. Vaidehi & N. Srinivasan

Authors
  1. S. Sangeetha
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. Haripriya
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. S. G. Mohana Priya
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. V. Vaidehi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. N. Srinivasan
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Jackson State University, Jackson, MS, USA

    Natarajan Meghanathan

  2. CNAM / CEDRIC, Paris, France

    Selma Boumerdassi

  3. University of Calcutta, Calcutta, India

    Nabendu Chaki

  4. Wireilla Net Solutions PTY Ltd, Australia

    Dhinaharan Nagamalai

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sangeetha, S., Haripriya, S., Mohana Priya, S.G., Vaidehi, V., Srinivasan, N. (2010). Fuzzy Rule-Base Based Intrusion Detection System on Application Layer. In: Meghanathan, N., Boumerdassi, S., Chaki, N., Nagamalai, D. (eds) Recent Trends in Network Security and Applications. CNSA 2010. Communications in Computer and Information Science, vol 89. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14478-3_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14478-3_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14477-6

  • Online ISBN: 978-3-642-14478-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation