Most active research in host- and network-based intrusion detection (ID) and intrusion prevention (IP) systems can only detect and prevent attacks on computer systems and attacks at the network layer. Such systems are not adequate to counter XML-related attacks. Furthermore, although research has been conducted to counter Web application attacks, it is still not adequate for countering SOAP or XML-based attacks. In this paper, a predictive fuzzy association rule model aimed at segregating known attack patterns (such as SQL injection, buffer overflow and SOAP oversized payload) and anomalies is developed. First, inputs are validated using business policies. The validated input is then fed into our fuzzy association rule model (FARM). Consequently, 20 fuzzy association rule patterns matching input attributes with 3 decision outcomes are discovered with at least 99% confidence. These fuzzy association rule patterns enable the identification of frequently occurring features, which helps the security administrator prioritize which features to focus on in the future, hence addressing the feature selection problem. Data simulated using a Web service e-commerce application are collected and tested on our model. Our model's detection or prediction rate is close to 100% and its false alarm rate is less than 1%. Compared to other classifiers, our model's classification accuracy using random forests achieves the best results, with RMSE close to 0.02 and time to build the model within 0.02s for each data set with a sample size of more than 600 instances. Thus, our novel fuzzy association rule model provides a viable added layer of security protection for Web service and Business Intelligence-based applications.
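The two-stage flow described above (policy validation, then fuzzy association rules scored by confidence) can be sketched as follows; this is an added example, not the paper's code. The attribute names, membership breakpoints, allowed operations and sample requests are all constructed assumptions.

```python
# Added illustration. Feature names, membership breakpoints, the policy and
# the sample requests are constructed assumptions, not taken from the paper.

def ramp(x, lo, hi):
    """Membership degree rising linearly from 0 at lo to 1 at hi."""
    return min(1.0, max(0.0, (x - lo) / (hi - lo)))

# Fuzzy sets over request attributes: (attribute, linguistic term) -> degree.
FUZZY_SETS = {
    ("size_kb", "large"): lambda v: ramp(v, 64, 512),
    ("sql_tokens", "many"): lambda v: ramp(v, 0, 3),
}

ALLOWED_OPS = {"placeOrder", "getQuote"}  # hypothetical business policy

def policy_valid(req):
    """Stage 1: only requests that pass the business policy reach the miner."""
    return req["op"] in ALLOWED_OPS and req["size_kb"] > 0

def degree(req, items):
    """Degree to which a request matches every fuzzy item (min t-norm)."""
    return min(FUZZY_SETS[(attr, term)](req[attr]) for attr, term in items)

def rule_stats(requests, antecedent, outcome):
    """Stage 2: fuzzy support and confidence of 'antecedent -> outcome'."""
    rows = [r for r in requests if policy_valid(r)]
    if not rows:
        return 0.0, 0.0
    supp_a = sum(degree(r, antecedent) for r in rows)
    supp_ab = sum(degree(r, antecedent) for r in rows if r["outcome"] == outcome)
    confidence = supp_ab / supp_a if supp_a else 0.0
    return supp_ab / len(rows), confidence

# Constructed sample of labelled SOAP requests (not data from the paper).
REQUESTS = [
    {"op": "placeOrder", "size_kb": 900, "sql_tokens": 0, "outcome": "oversized"},
    {"op": "placeOrder", "size_kb": 700, "sql_tokens": 0, "outcome": "oversized"},
    {"op": "getQuote", "size_kb": 288, "sql_tokens": 0, "outcome": "normal"},
    {"op": "getQuote", "size_kb": 20, "sql_tokens": 0, "outcome": "normal"},
    {"op": "getQuote", "size_kb": 30, "sql_tokens": 4, "outcome": "sql_injection"},
    {"op": "dropTables", "size_kb": 800, "sql_tokens": 0, "outcome": "oversized"},
]

if __name__ == "__main__":
    print(rule_stats(REQUESTS, [("size_kb", "large")], "oversized"))
    print(rule_stats(REQUESTS, [("sql_tokens", "many")], "sql_injection"))
```

A rule would be kept only if its confidence clears the chosen threshold (the paper reports patterns with at least 99% confidence); here the borderline 288 KB request, half a member of "large" yet labelled normal, pulls the first rule's confidence down to 0.8.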