Fuzzy logic on decision model for IDS

Proceeding of: The 12th IEEE International Conference on Fuzzy Systems, 2003. FUZZ '03. Sunday 25 May - Wednesday 28 May, 2003, St. Louis, Missouri, USANowadays one of the main problems of Intrusion Detection Systems (IDS) is the high rate of false positives that they show. The number of alerts that an IDS launches are clearly higher than the number of real attacks. This paper tries to introduce a measure of the IDS prediction skill in close relationship with these false positives. So the prediction skill of an IDS is then computed according to the false positives produced. The problem faced is how to make an accurate prediction from the results of different IDS. The fraction of IDS over the total number of them that predicts a given event will determine whether such event is predicted or not. The performance obtained from the application of fuzzy thresholds over such fraction is compared with the corresponding crisp thresholds. The results of these comparisons allow us to conclude a relevant improvement when fuzzy thresholds are involved.Publicad

Memristor Crossbar-based Hardware Implementation of IDS Method

Ink Drop Spread (IDS) is the engine of Active Learning Method (ALM), which is the methodology of soft computing. IDS, as a pattern-based processing unit, extracts useful information from a system subjected to modeling. In spite of its excellent potential in solving problems such as classification and modeling compared to other soft computing tools, finding its simple and fast hardware implementation is still a challenge. This paper describes a new hardware implementation of IDS method based on the memristor crossbar structure. In addition of simplicity, being completely real-time, having low latency and the ability to continue working after the occurrence of power breakdown are some of the advantages of our proposed circuit.Comment: 16 pages, 13 figures, Submitted to IEEE Transaction on Fuzzy System

A survey of intrusion detection techniques in Cloud

Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud and discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks