Research On Intrusion Detection Based On Soft Computing Theories

Presently, the intrusion detection system has many deficiencies for its short history, e.g., higher false rate, the weakness of active detecting, the poor performance, etc. The thesis attempts to solve these issues by applying soft computing theories. The experimental results show that the soft computing theories play an important role in the intrusion detection system.Host intrusion detection techniques based on short sequence of system calls are investigated. After the system calls are classified into four categories according to its dangerous degree, a new method, the fuzzy neural network is applied to the intrusion detection based on short sequences of system calls, is proposed. The experimental results show that the proposed method can provide good detection performances.Host intrusion detection always uses either the sequence or frequency character of system calls. But different attacks may be more sensitive to one character than another, so a novel host intrusion detection scheme based the combination of the sequence and frequency characters is proposed. This method can reduce not only the false positive but also false negative rapidly, and has higher ability against to the noise in the data sets.The critical problem of network intrusion detection system is its slower response. To improve the detection efficiency, the thesis applies an improved dynamic neural network to network intrusion detection system. Experimental results clarify that the proposed intrusion detectors have enough accuracy for network intrusion detection.There are so many attributes of network packets in the network intrusion detection system. These attributes are impact on not only the detection accuracy but also the detection performance. Hence, the SOM map is applied to reduce the dimension of the attributes. Then a new self-organizing fuzzy neural network with SOM is applied to network intrusion detection system. The experimental results illustrate that the proposed scheme can provide good detection rates than many of the others.Lacking of active is the main problem of the intrusion detection system. The intrusion prevention system (IPS) is the key methodology of solving this issue. Intrusion attempts prediction technique is the key scheme of the IPS, which can forecast the intrusions before the protected system was attacked or destroyed. Both of host and network intrusion attempts prediction schemes based on soft computing techniques are investigated. The experimental results demonstrate that the proposed Scheme has good accuracy of predicting the network intrusion attempts.Finally, the structure of a new global network oriented intrusion detection system is proposed. The scheme monitors and detects every end user's behaviors directly by...