Adding Contextual Information to Intrusion Detection Systems Using Fuzzy Cognitive Maps

Abstract

In the last few years there has been considerable increase in the efficiency of Intrusion Detection Systems (IDSs). However, networks are still the victim of attacks. As the complexity of these attacks keeps increasing, new and more robust detection mechanisms need to be developed. The next generation of IDSs should be designed incorporating reasoning engines supported by contextual information about the network, cognitive information and situational awareness to improve their detection results. In this paper, we propose the use of a Fuzzy Cognitive Map (FCM) in conjunction with an IDS to incorporate contextual information into the detection process. We have evaluated the use of FCMs to adjust the Basic Probability Assignment (BPA) values defined prior to the data fusion process, which is crucial for the IDS that we have developed. The experimental results that we present verify that FCMs can improve the efficiency of our IDS by reducing the number of false alarms, while not affecting the number of correct detections.

Description

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.

Keywords

Basic Probability Assignment, Contextual Information, Dempster-Shafer Theory, Fuzzy Cognitive Maps, Intrusion Detection Systems, Network Security

Citation

Aparicio-Navarro, F.J., Kyriakopoulos, K., Parish, D.J., Chambers, J.A. (2016) Adding Contextual Information to Intrusion Detection Systems Using Fuzzy Cognitive Maps. In proceedings of 2016 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA), San Diego, USA, March 2016.

Rights

Research Institute