A probe detection model using the analysis of the fuzzy cognitive maps

Abstract

The rapid growth of network-based information systems has resulted in continuous research of security issues. Intrusion Detection Systems (IDS) is an area of increasing concerns in the Internet community. Recently, a number of IDS schemes have been proposed based on various technologies. However, the techniques, which have been applied in many systems, are useful only for the existing patterns of intrusion. They can not detect new patterns of intrusion. Therefore, it is necessary to develop a new IDS technology that can find new patterns of intrusion. Most of IDS sensors provide less than 10% rate of false positives. In this paper, we proposed a new network-based probe detection model using the fuzzy cognitive maps that can detect intrusion by the Denial of Service (DoS) attack detection method utilizing the packet analyses. The probe detection systems using fuzzy cognitive maps (PDSuF) capture and analyze the packet information to detect SYN flooding attack. Using the results of the analysis of decision module, which adopts the fuzzy cognitive maps, the decision module measures the degree of risk of the DoS and trains the response module to deal with attacks. For the performance evaluation, the "IDS Evaluation Data Set" created by MIT was used. From the simulation we obtained the average true positive rate of 97.094% and the average false negative rate of 2.936%.