Skip to Main Content
In this paper, we integrate fuzzy association rules to design and implement an abnormal network intrusion detection system. Since the association rules used in traditional information detection cannot effectively deal with changes in network behavior, it will better meet the actual needs of abnormal detection to introduce the concept of fuzzy association rules to strengthen the adaptability. This paper mainly focuses on the study of Denial of Service (DOS). According to the experimental results, it is found that our system can correctly identify all DOS attacks on test after appropriate adjustment of system parameters. Moreover, it also proves, in the experiment, that our system would not result in false positives under such circumstances as a large amount of instantaneous FTP normal packet flow. In addition, if source of an attacker can be determined, the system will also be able to promptly inform the firewall to alter its rules and cut off the connection.