Abstract
Fuzzy rule interpolation (FRI) offers an effective approach for making inference possible in sparse rule-based systems (and also for reducing the complexity of fuzzy models). However, requirements of fuzzy systems may change over time and hence, the use of a static rule base may affect the accuracy of FRI applications. Fortunately, an FRI system in action will produce interpolated rules in abundance during the interpolative reasoning process. While such interpolated results are discarded in existing FRI systems, they can be utilized to facilitate the development of a dynamic rule base in supporting subsequent inference. This is because the otherwise relinquished interpolated rules may contain possibly valuable information, covering regions that were uncovered by the original sparse rule base. This paper presents a dynamic fuzzy rule interpolation (D-FRI) approach by exploiting such interpolated rules in order to improve the overall system's coverage and efficacy. The resulting D-FRI system is able to select, combine, and generalize informative, frequently used interpolated rules for merging with the existing rule base while performing interpolative reasoning. Systematic experimental investigations demonstrate that D-FRI outperforms conventional FRI techniques, with increased accuracy and robustness. Furthermore, D-FRI is herein applied for network security analysis, in devising a dynamic intrusion detection system (IDS) through integration with the Snort software, one of the most popular open source IDSs. This integration, denoted as D-FRI-Snort hereafter, delivers an extra amount of intelligence to predict the level of potential threats. Experimental results show that with the inclusion of a dynamic rule base, by generalising newly interpolated rules based on the current network traffic conditions, D-FRI-Snort helps reduce both false positives and false negatives in intrusion detection.
Original language | English |
---|---|
Article number | 8125710 |
Pages (from-to) | 1878-1892 |
Number of pages | 15 |
Journal | IEEE Transactions on Fuzzy Systems |
Volume | 26 |
Issue number | 4 |
Early online date | 04 Dec 2017 |
DOIs | |
Publication status | Published - 02 Aug 2018 |
Event | Fuzzy Systems - Vancouver, Canada Duration: 24 Jul 2016 → 29 Jul 2016 Conference number: 25 |
Keywords
- FRI
- D-FRI
- IDS
- IPS
- Snort
- D-FRI-Snort
- interpolated rules
- Dynamic rule generalization
- fuzzy rule interpolation (FRI)
- intrusion detection
- sparse rule base
Fingerprint
Dive into the research topics of 'Dynamic Fuzzy Rule Interpolation and Its Application to Intrusion Detection'. Together they form a unique fingerprint.Profiles
-
Qiang Shen
- Faculty of Business and Physical Sciences (Dept) - Pro Vice-Chancellor: Faculty of Business and Physical Sciences
Person: Teaching And Research