A Probe Detection Model Using the Analysis of the Fuzzy Cognitive Maps

  • Conference paper
Computational Science and Its Applications – ICCSA 2005 (ICCSA 2005)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3480))

Abstract

The rapid growth of network-based information systems has resulted in continuous research into security issues. Intrusion Detection Systems (IDS) are an area of increasing concern in the Internet community. Recently, a number of IDS schemes have been proposed based on various technologies. However, the techniques applied in many systems are useful only for existing patterns of intrusion; they cannot detect new patterns of intrusion. Therefore, it is necessary to develop a new IDS technology that can find new patterns of intrusion. Most IDS sensors provide a false positive rate of less than 10%. In this paper, we propose a new network-based probe detection model using fuzzy cognitive maps that can detect intrusion by a Denial of Service (DoS) attack detection method utilizing packet analysis. The probe detection system using fuzzy cognitive maps (PDSuF) captures and analyzes packet information to detect SYN flooding attacks. Using the results of its analysis, the decision module, which adopts the fuzzy cognitive maps, measures the degree of risk of the DoS and trains the response module to deal with attacks. For the performance evaluation, the “IDS Evaluation Data Set” created by MIT was used. From the simulation we obtained an average true positive rate of 97.094% and an average false negative rate of 2.936%.

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lee, SY., Kim, YS., Lee, BH., Kang, SH., Youn, CH. (2005). A Probe Detection Model Using the Analysis of the Fuzzy Cognitive Maps. In: Gervasi, O., et al. Computational Science and Its Applications – ICCSA 2005. ICCSA 2005. Lecture Notes in Computer Science, vol 3480. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11424758_34

  • DOI: https://doi.org/10.1007/11424758_34

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25860-5

  • Online ISBN: 978-3-540-32043-2

  • eBook Packages: Computer Science, Computer Science (R0)
