Title: An adaptive expert system approach for intrusion detection

Authors: Stephen F. Owens, Reuven R. Levary

Addresses: Department of Decision Sciences and MIS, Saint Louis University, 3674 Lindell Blvd., St. Louis, MO 63108, USA; Department of Decision Sciences and MIS, Saint Louis University, 3674 Lindell Blvd., St. Louis, MO 63108, USA

Abstract: Intrusion detection is a type of computer network security system that attempts to identify inappropriate use of the system. As more corporate computer systems become linked to the internet and as more stakeholder transactions take place between systems, the identification and prevention of computer network misuse becomes increasingly critical. Expert system technology is often used to construct intruder detection systems. However, Intrusion Detection System (IDS) researchers have tended to build systems that are hard to manage, lack intuitive user interfaces and are cumbersome to use in real-life situations. In this paper, we present an adaptive expert system for intrusion detection that utilises fuzzy sets. This system has the ability to adapt to the type and/or degree of threat and is relatively simple to implement when used with computer system networks. Examples of rule sets are presented. The adaptive ability of the system is demonstrated by experimenting with the system using Clips 6.10.

Keywords: computer security; intruder detection; adaptive expert systems; fuzzy sets; networks; intelligent detection; fuzzy logic.

DOI: 10.1504/IJSN.2006.011780

International Journal of Security and Networks, 2006 Vol.1 No.3/4, pp.206 - 217

Published online: 21 Dec 2006
