A survey and taxonomy of the fuzzy signature-based Intrusion Detection Systems

Bibliographic Details
Published in Applied soft computing Vol. 92; p. 106301
Main Authors Masdari, Mohammad, Khezri, Hemn
Format Journal Article
Language English
Published Elsevier B.V 01.07.2020
Summary: Organizations that benefit from information technologies are vulnerable to various attacks and malicious behaviors. Intrusion Detection Systems (IDS) are one of the main lines of defense which, in conjunction with firewalls and other security components, are applied to deal with intrusions and unauthorized misbehaviors. Misuse detection is one of the main branches of intrusion detection, which intends to prevent known security attacks based on their previously known signatures. This paper presents a comprehensive investigation of the fuzzy misuse detection schemes designed using various machine learning and data mining techniques to deal with different kinds of intrusions. For this purpose, it first presents the key points and knowledge about intrusion detection and then classifies the fuzzy misuse detection approaches according to their applied fuzzy techniques and algorithms. Then, it illustrates the major contributions of the fuzzy IDS schemes and illuminates their merits and limitations. Besides, in each section, a comparison of their applied datasets, performance evaluation factors, feature extraction methods, as well as the type of fuzzy logic controller (FLC) and membership functions, is provided. Finally, the concluding issues and the directions for future research are highlighted.

• Providing a brief overview of the various types of IDS proposed to secure computer networks and hosts.
• Classification of the investigated fuzzy IDS schemes and describing their architecture and major contributions.
• Highlighting the pros and cons of the studied schemes by providing a comparison of them.
• Illuminating future research.
ISSN: 1568-4946, 1872-9681
DOI: 10.1016/j.asoc.2020.106301