Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
Malware and Machine Learning Read chapter Read first chapter

2015 | OriginalPaper | Chapter

Intrusion Detection with Type-2 Fuzzy Ontologies and Similarity Measures

Authors : Robin Wikström, József Mezei

Published in: Intelligent Methods for Cyber Warfare

Publisher: Springer International Publishing

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Intrusions carry a serious security risk for financial institutions. As new intrusion types appear continuously, detection systems have to be designed to be able to identify attacks that have never been experienced before. Insights provided by knowledgeable experts can contribute to a high extent to the identification of these anomalies. Based on a critical review of the relevant literature in intrusion detection and similarity measures of interval-valued fuzzy sets, we propose a framework based on fuzzy ontology and similarity measures to incorporate expert knowledge and represent and make use of imprecise information in the intrusion detection process. As an example we developed a fuzzy ontology based on the intrusion detection needs of a financial institution.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter Information Fusion Process Design Issues for Hard and Soft Information: Developing an Initial Prototype
next chapter A Multi-objective Genetic Algorithm Based Approach for Effective Intrusion Detection Using Neural Networks
Footnotes
Literature
1.
Acampora, G., Loia, V.: Using FML and fuzzy technology in adaptive ambient intelligence environments. Int. J. Comput. Intell. Res. 1(1), 171–182 (2005)
2.
Anderson, J.P.: Computer security threat monitoring and surveillance. Technical Report James P. Anderson Company, Fort Washington, Pennsylvania (1980)
3.
Apel, M., Bockermann, C., Meier M.: Measuring similarity of malware behavior. In: IEEE 34th Conference on Local Computer Networks (LCN 2009), pp. 891–898 (2009)
4.
Atannasov, K.: Intuitionistic Fuzzy Sets: Theory and Applications. Physica-Verlag, New York (1999)CrossRef
5.
6.
Bobillo, F.: Managing vagueness in ontologies. PhD Thesis, University of Granada, Spain (2008)
7.
Bobillo, F., Straccia, U.: Fuzzy ontology representation using OWL 2. Int. J. Approximate Reasoning 52(7), 1073–1094 (2011)CrossRefMathSciNet
8.
Bobillo, F., Straccia, U.: Aggregation operators for fuzzy ontologies. Appl. Soft Comput. 13(9), 3816–3830 (2013)CrossRef
9.
Botha, M., von Solms, R.: Utilising fuzzy logic and trend analysis for effective intrusion detection. Comput. Secur. 22(5), 423–434 (2003)CrossRef
10.
Burillo, P., Bustince, H.: Entropy on intuitionistic fuzzy sets and on interval-valued fuzzy sets. Fuzzy Sets Syst. 78(3), 305–316 (1996)CrossRefMATHMathSciNet
11.
Bustince, H.: Indicator of inclusion grade for interval-valued fuzzy sets. application to approximate reasoning based on interval-valued fuzzy sets. Int. J. Approximate Reasoning 23(3), 137–209 (2000)CrossRefMATHMathSciNet
12.
Carlsson, C., Fullér, R., Mezei J.: Project selection with interval-valued fuzzy numbers. In: IEEE 12th International Symposium on Computational Intelligence and Informatics (CINTI), pp. 23–26 (2011)
13.
Catania, C.A., Garino, C.G.: Automatic network intrusion detection: current techniques and open issues. Comput. Electr. Eng. 38(5), 1062–1072 (2012)CrossRef
14.
Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41(3), 15 (2009)CrossRef
15.
Chen, S.-J., Chen, S.-M.: Fuzzy risk analysis based on measures of similarity between interval-valued fuzzy numbers. Comput. Math. Appl. 55(8), 1670–1685 (2008)CrossRefMATHMathSciNet
16.
Chen, S.-M., Chen, J.-H.: Fuzzy risk analysis based on similarity measures between interval-valued fuzzy numbers and interval-valued fuzzy number arithmetic operators. Expert Syst. Appl. 36(3), 6309–6317 (2009)CrossRef
17.
Chiang, H.-S., Tsaur, W.: Mobile malware behavioral analysis and preventive strategy using ontology. In: IEEE Second International Conference on Social Computing (SocialCom), pp. 1080–1085 (2010)
18.
Dai, S.-Y., Fyodor, Y., Kuo, S.-Y., Wu, M.-W., Huang Y.: Malware profiler based on innovative behavior-awareness technique. In: IEEE 17th Pacific Rim International Symposium on Dependable Computing (PRDC), pp. 314–319 (2011)
19.
Dengfeng, L., Chuntian, C.: New similarity measures of intuitionistic fuzzy sets and application to pattern recognitions. Pattern Recogn. Lett. 23(1), 221–225 (2002)CrossRefMATH
20.
Dickerson, J.E., Juslin, J., Koukousoula, O., Dickerson, J.A.: Fuzzy intrusion detection. In: IEEE 9th joint IFSA World Congress and 20th NAFIPS International Conference, vol. 3, pp. 1506–1510 (2001)
21.
Feng, Z.-Q., Liua, C.-G.: On similarity-based approximate reasoning in interval-valued fuzzy environments. Informatics 36, 255–262 (2012)
22.
Gorzałczany, M.: A method of inference in approximate reasoning based on interval-valued fuzzy sets. Fuzzy Sets Syst. 21(1), 1–17 (1987)CrossRefMATH
23.
Grzegorzewski, P.: Distances between intuitionistic fuzzy sets and/or interval-valued fuzzy sets based on the hausdorff metric. Fuzzy Sets Syst. 148(2), 319–328 (2004)CrossRefMATHMathSciNet
24.
Hendler, J.: Agents and the semantic web. Intell. Syst. 16(2), 30–37 (2001)CrossRef
25.
Horridge, M., Krötzsch, M., Parsia, B., Patel-Schneider, P., Rudolph, S.: OWL 2 web ontology language, primer. W3C Working Group (2009)
26.
Hua, J., Bapna, S.: The economic impact of cyber terrorism. J. Strateg. Inf. Syst. 22(2), 175–186 (2013)CrossRef
27.
Huang, H.-D., Acampora, G., Loia, V., Lee,C.-S., Hagras, H., Wang, M.-H., Kao, H.-Y., Chang J.-G.: Fuzzy markup language for malware behavioral analysis. In: On the Power of Fuzzy Markup Language, pp. 113–132. Springer (2013)
28.
Huang, H.-D., Acampora, G., Loia, V., Lee, C.-S., Kao, H.-Y.: Applying FML and fuzzy ontologies to malware behavioural analysis. In: IEEE International Conference on Fuzzy Systems, pp. 2018–2025 (2011)
29.
Huang, H.-D., Lee, C.-S., Wang, M.-H., Kao, H.-Y.: IT2FS-based ontology with soft-computing mechanism for malware behavior analysis. Soft Comput. 18(2), 267–284 (2014)CrossRef
30.
Hung, S.-S., Liu, D.S.-M.: A user-oriented ontology-based approach for network intrusion detection. Comput. Stan. Interfaces 30(1–2), 78–88 (2008)CrossRefMathSciNet
31.
Hwang, C.-M., Yang, M.-S.: New similarity measures between interval-valued fuzzy sets. In: Proceedings of the 15th WSEAS International Conference on Systems, pp. 66–70 (2011)
32.
Knublauch, H., Fergerson, R., Noy, N., Musen, M.: The Protégé OWL plugin: an open development environment for semantic web applications. The Semantic Web-ISWC 2004, 229–243 (2004)
33.
Lau, A., Tsui, E., Lee, W.: An ontology-based similarity measurement for problem-based case reasoning. Expert Syst. Appl. 36(3, Part 2):6574–6579 (2009)
34.
35.
Leder, F.S., Martini, P.: Ngbpa next generation botnet protocol analysis. In: Emerging Challenges for Security, Privacy and Trust, pp. 307–317. Springer (2009)
36.
Lee, C., Wang, M., Hagras, H.: A type-2 fuzzy ontology and its application to personal diabetic-diet recommendation. IEEE Trans. Fuzzy Syst. 18(2), 374–395 (2010)
37.
Li, W., Tian, S.: An ontology-based intrusion alerts correlation system. Expert Syst. Appl. 37(10), 7138–7146 (2010)CrossRef
38.
Li, Y., Olson, D.L., Qin, Z.: Similarity measures between intuitionistic fuzzy (vague) sets: a comparative analysis. Pattern Recogn. Lett. 28(2), 278–285 (2007)CrossRef
39.
Liang, Z., Shi, P.: Similarity measures on intuitionistic fuzzy sets. Pattern Recogn. Lett. 24(15), 2687–2693 (2003)CrossRefMATH
40.
Liao, Y., Vemuri, V.R.: Using text categorization techniques for intrusion detection. In: USENIX Security Symposium, vol. 12 (2002)
41.
Liu, W.: Research of data mining in intrusion detection system and the uncertainty of the attack. In: International Symposium on Computer Network and Multimedia Technology, pp. 1–4 (2009)
42.
Lukasiewicz, T., Straccia, U.: Managing uncertainty and vagueness in description logics for the semantic web. Web Semantics: Science, Services and Agents on the World Wide Web 6(4), 291–308 (2008)CrossRef
43.
McCulloch, J., Wagner, C., Aickelin, U.: Extending similarity measures of interval type-2 fuzzy sets to general type-2 fuzzy sets. In: IEEE International Conference on Fuzzy Systems, pp. 1–8 (2013)
44.
Mezei J., Wikström, R.: OWAD operators in type-2 fuzzy ontologies. In: Proceedings of the 2013 Joint IFSA World Congress NAFIPS Annual Meeting, number ISBN: 978-1-4799-0347-4, pp. 848-853 (2013)
45.
Mitchell, H.: On the dengfeng-chuntian similarity measure and its application to pattern recognition. Pattern Recogn. Lett. 24(16), 3101–3104 (2003)CrossRef
46.
Mitchell, H.B.: Pattern recognition using type-II fuzzy sets. Inf. Sci. 170(2), 409–418 (2005)CrossRef
47.
Ning, P., Xu, D.: Learning attack strategies from intrusion alerts. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 200–209. ACM, (2003)
48.
Park, W.H.: Risk analysis and damage assessment of financial institutions in cyber attacks between nations. Math. Comput. Model. 58(11–12), 18–45 (2012)
49.
Riccardi, M., Oro, D., Luna, J., Cremonini, M., Vilanova, M.: A framework for financial botnet analysis. In: eCrime Researchers Summit (eCrime), pp. 1–7 (2010)
50.
Riccardi, M., Pietro, R.D., Palanques, M., Vila, J.A.: Titans revenge: detecting Zeus via its own flaws. Comput. Networks 57(2):422–435 (2013) (Botnet Activity: Analysis, Detection and Shutdown.)
51.
Sharma, A., Pujari, A.K., Paliwal, K.K.: Intrusion detection using text processing techniques with a kernel based similarity measure. Comput. Secur. 26(7–8), 488–495 (2007)CrossRef
52.
Simmonds, A., Sandilands, P., van Ekert, L.: An ontology for network security attacks. In: Applied Computing, pp. 317–323. Springer (2004)
53.
Szmidt, E., Kacprzyk, J.: On measuring distances between intuitionistic fuzzy sets. Notes on IFS 3(4), 1–13 (1997)MATHMathSciNet
54.
55.
Tafazzoli, T., Sadjadi, S.H.: Malware fuzzy ontology for semantic web. Int. J. Comput. Sci. Network Secur. 8(7), 153–161 (2008)
56.
Tajbakhsh, A., Rahmati, M., Mirzaei, A.: Intrusion detection using fuzzy association rules. Appl. Soft Comput. 9(2), 462–469 (2009)CrossRef
57.
Turksen, I., Zhong, Z.: An approximate analogical reasoning schema based on similarity measures and interval-valued fuzzy sets. Fuzzy Sets Syst. 34(3), 323–346 (1990)CrossRef
58.
Undercoffer, J., Joshi, A., Pinkston, J.: Modeling computer attacks: an ontology for intrusion detection. In: Recent Advances in Intrusion Detection, pp. 113–135. Springer, (2003)
59.
Wagener, G., Dulaunoy, A., et al.: Malware behaviour analysis. J. Comput. Virol. 4(4), 279–287 (2008)CrossRef
60.
Wang, C., Entropy, AQu: similarity measure and distance measure of vague soft sets and their relations. Inf. Sci. 244, 92–106 (2013)CrossRef
61.
Wang, G., Hao, J., Ma, J., Huang, L.: A new approach to intrusion detection using artificial neural networks and fuzzy clustering. Expert Syst. Appl. 37(9), 6225–6232 (2010)CrossRef
62.
Wu, D., Mendel, J.: A comparative study of ranking methods, similarity measures and uncertainty measures for interval type-2 fuzzy sets. Inf. Sci. 179(8), 1169–1192 (2009)CrossRefMathSciNet
63.
Wu, D., Mendel, J.M.: A vector similarity measure for linguistic approximation: interval type-2 and type-1 fuzzy sets. Inf. Sci. 178(2), 381–402 (2008)CrossRefMATHMathSciNet
64.
Xu, Z.: Some similarity measures of intuitionistic fuzzy sets and their applications to multiple attribute decision making. Fuzzy Optim. Decis. Making 6(2), 109–121 (2007)CrossRefMATH
65.
Xu, Z., Chen, J.: Ordered weighted distance measure. J. Syst. Sci. Syst. Eng. 17(4), 432–445 (2008)CrossRef
66.
67.
Zeng, W., Guo, P.: Normalized distance, similarity measure, inclusion measure and entropy of interval-valued fuzzy sets and their relationship. Inf. Sci. 178(5), 1334–1342 (2008)CrossRefMATHMathSciNet
68.
Zeng, W., Li, H.: Relationship between similarity measure and entropy of interval valued fuzzy sets. Fuzzy Sets Syst. 157(11), 1477–1484 (2006)CrossRefMATHMathSciNet
69.
Zhang, C., Fu, H.: Similarity measures on three kinds of fuzzy sets. Pattern Recogn. Lett. 27(12), 1307–1317 (2006)CrossRefMATH
70.
Zhang, H., Zhang, W.: Inclusion measure and similarity measure of intuitionistic and interval-valued fuzzy sets. In: Proceedings of the 2007 International Conference on Intelligent Systems and Knowledge Engineering (ISKE2007) (2007)
71.
Zheng, G., Wang, J., Zhou, W., Zhang, Y.: A similarity measure between interval type-2 fuzzy sets. In: International Conference on Mechatronics and Automation (ICMA), pp. 191–195 (2010)
72.
Zheng, G., Xiao, J., Wang, J., Wei, Z.: A similarity measure between general type-2 fuzzy sets and its application in clustering. In: IEEE 8th World Congress on Intelligent Control and Automation (WCICA), pp. 6383–6387 (2010)
Metadata
Title
Intrusion Detection with Type-2 Fuzzy Ontologies and Similarity Measures
Authors
Robin Wikström
József Mezei
Copyright Year
2015
Book
Intelligent Methods for Cyber Warfare

Print ISBN: 978-3-319-08623-1

Electronic ISBN: 978-3-319-08624-8

Copyright Year: 2015

DOI
https://doi.org/10.1007/978-3-319-08624-8_7

Premium Partner

    Image Credits