A new approach to intrusion detection using Artificial Neural Networks and fuzzy clustering

  • Authors:

  • Gang Wang;Jinxing Hao;Jian Ma;Lihua Huang

  • Affiliations:

  • School of Management, Fudan University, Shanghai 200433, PR China and Department of Information Systems, City University of Hong Kong, Tat Chee Avenue, Kowloon, Hong Kong;Department of Information Systems, City University of Hong Kong, Tat Chee Avenue, Kowloon, Hong Kong and School of Economics and Management, Beihang University, Beijing 100083, PR China;Department of Information Systems, City University of Hong Kong, Tat Chee Avenue, Kowloon, Hong Kong;School of Management, Fudan University, Shanghai 200433, PR China

  • Venue:
  • Expert Systems with Applications: An International Journal
  • Year:
  • 2010

Quantified Score

Hi-index 12.05

Visualization

Abstract

Many researches have argued that Artificial Neural Networks (ANNs) can improve the performance of intrusion detection systems (IDS) when compared with traditional methods. However for ANN-based IDS, detection precision, especially for low-frequent attacks, and detection stability are still needed to be enhanced. In this paper, we propose a new approach, called FC-ANN, based on ANN and fuzzy clustering, to solve the problem and help IDS achieve higher detection rate, less false positive rate and stronger stability. The general procedure of FC-ANN is as follows: firstly fuzzy clustering technique is used to generate different training subsets. Subsequently, based on different training subsets, different ANN models are trained to formulate different base models. Finally, a meta-learner, fuzzy aggregation module, is employed to aggregate these results. Experimental results on the KDD CUP 1999 dataset show that our proposed new approach, FC-ANN, outperforms BPNN and other well-known methods such as decision tree, the naive Bayes in terms of detection precision and detection stability.