Fuzzy Inference Based Intrusion Detection System: FI-Snort

摘要

Network security is one of the biggest concerns of any organisation irrespective of their size and nature of a business. Intrusion detection system (IDS) is considered as one of the most popular and effective security tools for generating alerts to the systems or network administrators to inform possible or existing threats. A standard IDS may not be very effective or even unsuitable for an organisational or individuals' requirements. For enhancing the power of IDS, security experts have been embedding additional level of intelligence by employing fuzzy logic, neural network, evolutionary techniques and many other AI techniques. This paper presents a fuzzy inference based intrusion detection system, FI-Snort. FI-Snort uses the most popular open source IDS, Snort, as a baseline. Experimental analysis shows that the addition of fuzzy inference with the IDS Snort provides an additional level of intelligence to predict the level/sensitivity of the threat. This enhanced version of Snort also reduces the false positives and false negatives.