Skip to Main Content
Information security is an issue of serious global concern. The complexity, accessibility, and openness of the Internet have served to increase the security risk of information systems tremendously. Intrusions pose a serious security risk in a network environment. The normal and the abnormal behaviors in networked computers are hard to predict, as the boundaries cannot be well defined. This prediction process usually generates false alarms in many anomaly based intrusion detection systems. However, with fuzzy logic, the false alarm rate in determining intrusive activities can be reduced, where a set of fuzzy rules is used to define the normal and abnormal behavior in a computer network, and a fuzzy inference engine can be applied over such rules to determine intrusions. This paper proposes a technique with genetic algorithm to generate fuzzy rules instead of manual design that are able to detect anomalies and some specific intrusions. Experiments were performed with DARPA data sets, during normal behavior and intrusive behavior. This paper presents some results and reports the performance of generated fuzzy rules in classifying different types of intrusions.