基于模糊理论与关联规则的入侵检测模型

doi:10.11959/j.issn.1000-0801.2019077

Abstract

Abstract:

An intrusion detection model based on fuzzy theory and improved Apriori algorithm was proposed.The BV-Apriori algorithm was used to generate the matching rule base,and the problem of excessive boundary in the continuous data partitioning process was solved by fuzzy set technology.The real-time analysis of the relationship between features and the update of the rule base were completed,and the intrusion detection model BVA-IDS (Boolean vector Apriori-intrusion detection system) was built.The results show that the mining efficiency of the BV-Apriori algorithm is significantly improved when compared with the existing Apriori-BR algorithm,in addition,the BVA-IDS model also performs well on intrusion detection indicators with high detection accuracy,and low false positive rate and false negative rate.

Key words: intrusion detection, Apriori algorithm, Boolean vector, fuzzy theory

CLC Number:

TP393

Jianwu ZHANG,Jiasen HUANG,Di ZHOU. Intrusion detection model based on fuzzy theory and association rules[J]. Telecommunications Science, 2019, 35(5): 59-69.

Figures/Tables 10

References 14

[1]	DENNING D E . An intrusion-detection model[J]. IEEE Transactions on Software Engineering, 1987,SE-13(2): 222-232.
[2]	AGRAWAL R , IMIELINSKI T , SWAMI A N . Mining association rules between sets of items in large databases[C]// The 1993 ACM SIGMOD International Conference on Management of Data,May 26-28,1993,New York,USA. New York:ACM Press, 1993: 207-216.
[3]	AGRAWAL R , SRIKANT R . Fast algorithms for mining association rules[M]. New York: ACM PressPress, 1994: 487-499.
[4]	ADITYA S P , HEMANTH M , LAKSHMIKANTH C K ,et al. Effective algorithm for frequent pattern mining[C]// International Conference on IoT and Application,May 19-20,2017,Nagapattinam,India. Piscataway:IEEE Press, 2017.
[5]	LI L , LI Q , WU Y ,et al. Mining association rules based on deep pruning strategies[J]. Wireless Personal Communications, 2018(2): 1-25.
[6]	XIAO M , YIN Y , ZHOU Y ,et al. Research on improvement of apriori algorithm based on marked transaction compression[C]// Advanced Information Technology,Electronic and Automation Control Conference,March 25-26,2017,Chongqing,China. Piscataway:IEEE Press, 2017: 1067-1071.
[7]	黄玉蕾, 罗晓霞, 林青 . 基于位运算和倒排索引的关联规则挖掘算法[J]. 电信科学, 2015,31(11): 81-86.
	HUANG Y L , LUO X X , LIN Q . An association rule mining scheme based on bit operation and reverse index[J]. Telecommunications Science, 2015,31(11): 81-86.
[8]	CHANA G Y , CHUAA F F , LEEB C S . Fuzzy association rules vs fuzzy associative patterns in defending against Web service attacks[C]// International Conference on Fuzzy Systems and Knowledge Discovery,August 13-15,2016,Changsha,China. Piscataway:IEEE Press, 2016: 524-529.
[9]	张春琴, 谢立春 . 云环境中改进 FCM 和规则参数优化的网络入侵检测方法[J]. 电信科学, 2018,34(1): 72-79.
	ZHANG C Q , XIE L C . Network intrusion detection method based on improved FCM and rule parameter optimization in cloud environment[J]. Telecommunications Science, 2018,34(1): 72-79.
[10]	JIAO W , LI Q . Anomaly detection based on fuzzy rules[J]. International Journal of Performability Engineering, 2018,14(2): 376-385.
[11]	MABU S , CHEN C , LU N ,et al. An intrusion-detection model based on fuzzy class-association-rule mining using genetic network programming[J]. IEEE Transactions on Systems Man ＆Cybernetics Part C, 2010,41(1): 130-139.
[12]	高妮, 高岭, 贺毅岳 ,等. 基于自编码网络特征降维的轻量级入侵检测模型[J]. 电子学报, 2017(3): 730-739.
	GAO N , GAO L , HE Y Y ,et al. A lightweight intrusion detection model based on auto encoder network with feature reduction[J]. Acta Electronica Sinica, 2017(3): 730-739.
[13]	KUMAR S . Classification and detection of computer intrusions[D]. West Lafayette:Purdue University, 1995.
[14]	MADBOULY A I , GODY A M , BARAKAT T M . Relevant feature selection model using data mining for intrusion detection system[J]. International Journal of Engineering Trends ＆Technology, 2014,9(10): 804-811.

Metrics

Recommended 0

No Suggested Reading articles found!

TID	事务项集
001	I₁，I₂，I₃，I₅，I₆，I₁₁
002	I₁，I₃，I₇
003	I₅，I₉
004	I₁，I₃，I₄，I₅，I₇
005	I₁，I₃，I₅，I₇，I₁₁
006	I₅，I₁₀
007	I₁，I₂，I₃，I₅，I₆
008	I₁，I₄
009	I₁，I₃，I₅，I₇
010	I₁，I₅，I₈，I₉

项（布尔向量）	I₅（Z₄）	I₃（Z₃）	I₁（Z₂）	I₇（Z₁）
对应频繁项集：支持数	{I₅}：8	{I₁}：8	{I₃}：6	{I₇}：4
		{I₁，I₅}：6	{I₃，I₁}：6	{I₇，I₃}：4
			{I₃，I₅}：5	{I₇，I₁}：4
			{I₃，I₁，I₅}：5	{I₇，I₃，I₁}：4
				{I₇，I₅}：3
				{I₇，I₃，I₅}：3
				{I₇，I₁，I₅}：3
				{I₇，I₃，I₁，I₅}：3

检测指标		模型类别
检测指标	BVA-IDS	Crisp DM	Fuzzy DM
DR	96.38%	90.30%	94.40%
FPR	5.15%	10.30%	7.20%
FNR	3.11%	9.50%	5.00%

检测指标		模型类别
检测指标	BVA-IDS	Crisp DM	Fuzzy DM
DR	98.99%	98.30%	98.70%
FPR	0.40%	0.67%	0.53%
FNR	3.01%	5.00%	3.75%

模型/指标				数据集
模型/指标		DS1	DS2	DS3	DS4	DS5
AN⁵-SVM	DR	98.23%	94.73%	97.48%	98.31%	96.82%
	FPR	1.225%	4.48%	3.67%	1.71%	3.11%
BVA-IDS	DR	98.39%	95.51%	97.60%	98.57%	97.51%
	FPR	1.09%	3.71%	3.57%	1.46%	2.93%

Intrusion detection model based on fuzzy theory and association rules

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 10

References 14

Related Articles 11

Metrics

Recommended 0

[1]	Shigen SHEN,Sheng FENG,Haiping ZHOU,Longjun HUANG,Keli HU,Qiying CAO. Optimal approach of suppressing WSN malware propagation based on cloud computing and dynamic Bayesian game [J]. Telecommunications Science, 2018, 34(9): 78-86.
[2]	Chunqin ZANG,Lichun XIE. Network intrusion detection method based on improved FCM and rule parameter optimization in cloud environment [J]. Telecommunications Science, 2018, 34(1): 72-79.
[3]	Tingting LU,Xu HAN. Fuzzy intrusion detection system for MANET packet dropping attack [J]. Telecommunications Science, 2016, 32(10): 124-129.
[4]	Han Qiu,Julong Lan,Yangfeng Ou,Chuanhao Zhang,Yanhong Wang. Broadcasting Bidirectional Access Network Intrusion Detection System Facing Tri-Networks Integration [J]. Telecommunications Science, 2015, 31(6): 32-38.
[5]	Qian Yaguan and Guan Xiaohui. Adversarial Drift Detection in Intrusion Detection System [J]. Telecommunications Science, 2015, 31(3): 2015058-.
[6]	Xu dongliang,Zhang Hongli,Zhang Lei and Yao Chongchong. Study on Pattern Matching in Network Security [J]. Telecommunications Science, 2015, 31(3): 2015068-.
[7]	Yaguan Qian,Xiaohui Guan. Adversarial Drift Detection in Intrusion Detection System [J]. Telecommunications Science, 2015, 31(3): 67-73.
[8]	Dongliang Xu,Hongli Zhang,Lei Zhang,Chongchong Yao. Study on Pattern Matching in Network Security [J]. Telecommunications Science, 2015, 31(3): 115-123.
[9]	Yulei Huang,Xiaoxia Luo,Qing Lin. An Association Rule Mining Scheme Based on Bit Operation and Reverse Index [J]. Telecommunications Science, 2015, 31(11): 85-90.
[10]	Wang Xianglin,Zhu Chen,Sun Dongmei,Li Mingyue and Shen Qingzi. Research of Neighbor Discovery Security in IPv6 Network Protocol [J]. Telecommunications Science, 2013, 29(7): 43-48.
[11]	Xianglin Wang,Chen Zhu,Dongmei Sun,Mingyue Li,Qingzi Shen. Research of Fragment Mechanism Security in IPv6 Network Protocol [J]. Telecommunications Science, 2013, 29(10): 108-113.