Research On Fuzzy Pattern Recognition Method In IDS

Today, there is a growing emphasis on the use of intelligent methods for intrusion detection. Fuzzy technology is a simulation to reflect for understanding of the human, thinking process and the inherent ambiguity of the real world, and is a class of engineering technology based on fuzzy set theory, the possibility of distribution theory and fuzzy logic reasoning and is also a kind of intelligent technology.The application of fuzzy technology is not yet a mature new areas of research to intrusion detection system, fuzzy theory applied to anomaly detection of the intrusion detection system is research at home and abroad, and the fuzzy theory applied to feature detection is a relatively small study.According to the situation of insufficiency of fuzzy theory research in the feature detection and the strengths and weaknesses of the feature detection, the paper proposes two types of intrusion detection algorithms based on fuzzy mode contrast recognition and based on fuzzy comprehensive evaluation. The detection algorithm based on fuzzy mode contrast recognition is from establishment of fuzzy features library to proceed, thus do compare recognition to input data vector by characteristics of the knowledge. And the detection algorithm based on fuzzy comprehensive evaluation is according to protocol types'difference, from the single-factor detection point of view, establish the single factor fuzzy sets, using membership function of the maximum value attached to the decision, in the absence of specific characteristics of the knowledge to compare, and then achieve the ultimate decision through the combination of the detection results of single-factor and weight distribution of different factor. The text used intrusion detection rate and false alarm rate as evaluation scale for the two proposed algorithms.Experimental simulation results show that the intrusion detection algorithms based on fuzzy pattern contrast recognition and of the combination of protocol analysis and fuzzy comprehensive evaluation have their own advantages and disadvantages: the former is simpler and quicker than the latter from theory, and the latter has a higher detection rate and lower false positive rate than the former. In fact, to the requirements of the detection rate and false positive rate, different utility systems can have varying requirement, do a reasonable choice according to the special circumstances of weighing all aspects of interest.At the last part of the paper, solution of problems of experimental parameters is proposed-fuzzy genetic algorithm, and parts of the achievement of fuzzy genetic algorithm are present.