Исследование алгоритмов адаптивных нейро-нечетких сетей ANFIS для решения задачи идентификации сетевых атак

Denis Igorevich Parfenov; Irina Pavlovna Bolodurina; Lyubov Sergeevna Zabrodina; Artur Yurievich Zhigalov

doi:10.25559/SITITO.16.202003.533-542

Denis Igorevich Parfenov Orenburg State University http://orcid.org/0000-0002-1146-1270
Irina Pavlovna Bolodurina Orenburg State University http://orcid.org/0000-0003-0096-2587
Lyubov Sergeevna Zabrodina Orenburg State University http://orcid.org/0000-0003-2752-7198
Artur Yurievich Zhigalov Orenburg state University http://orcid.org/0000-0003-3208-1629

DOI: https://doi.org/10.25559/SITITO.16.202003.533-542

Abstract

At the moment, the pace of change in the nature of cybersecurity incidents necessitates the modification of existing algorithms for identifying attacks in intrusion detection systems in such a way that a quick response to new types of attacks is carried out. Modern algorithms for data mining allow building solutions to such problems, however, the result, as a rule, depends both on the tools and learning algorithms used, and on the quality of the data on which the model is built. To improve the quality of data due to objective uncertainty, there is a complex of methods and algorithms for processing and filtering, while the influence of the subjectivity of experts is the most difficult task, the effectiveness of which was shown by the systems of neuro-fuzzy inference. In this regard, this work is aimed at studying the algorithms of adaptive neuro-fuzzy networks ANFIS based on various representations of fuzzy rules that allow the classification of incoming network traffic to identify various cybersecurity incidents. The obtained results of a general assessment of the effectiveness of identifying network attacks using various measures of accuracy showed that the most optimal neuro-fuzzy classifier is the ANFIS network using fuzzy Takagi-Sugeno-Kanga inference. At the same time, the least effective results of identifying various types of network attacks were shown by the use of Wang-Mendel's fuzzy inference. The developed modules can be used to process data received from sensors of the security information and event management system.

Author Biographies

Denis Igorevich Parfenov, Orenburg State University

Head of the Department Software and Technical Support of Distance Learning, Ph.D. (Engineering)

Irina Pavlovna Bolodurina, Orenburg State University

Head of the Department of Applied Mathematics, Dr.Sci. (Engineering), Professor

Lyubov Sergeevna Zabrodina, Orenburg State University

Assistant of the Department of Applied Mathematics

Artur Yurievich Zhigalov, Orenburg state University

Senior Software Developer of the Sector of Automated Support for the Organization of the Educational Process

References

[1] Kusakina N.M. Methods of the Network Traffic Analysis as a Basis for Designing the Intrusion Detection System. In: International Scientific Review of the Problems and Prospects of Modern Science and Education: XLI International Scientific and Practical Conference (Boston. USA - 30 January, 2018). 2018; (1):28-31. Available at: https://elibrary.ru/item.asp?id=32639163 (accessed 01.11.2020). (In Russ., abstract in Eng.)
[2] Chistyakova M.A., Ilyin M.V. Methods for Identifying Attacks on a WI-FI Network Based on Data Mining. Industrial Automatic Control Systems and Controllers. 2019; (7):41-51. (In Russ., abstract in Eng.) DOI: https://doi.org/10.25791/asu.07.2019.749
[3] Nikonov V.V., Loss V.P., Ross G.V. Development of Automated System for Identifying Abnormal Network Activity and Detect Threats. Problems of Information Security. Computer Systems. 2016; (2):60-69. Available at: https://elibrary.ru/item.asp?id=28783777 (accessed 01.11.2020). (In Russ., abstract in Eng.)
[4] Jin, S., Jiang, Y., Peng, J. Intrusion Detection System Enhanced by Hierarchical Bidirectional Fuzzy Rule Interpolation. In: 2018 IEEE International Conference on Systems, Man, and Cybernetics (SMC). Miyazaki, Japan; 2018. p. 6-10. (In Eng.) DOI: https://doi.org/10.1109/SMC.2018.00010
[5] Pradeepthi K.V., Kannan A. Detection of Botnet traffic by using Neuro-fuzzy based Intrusion Detection. In: 2018 Tenth International Conference on Advanced Computing (ICoAC). Chennai, India; 2018. p. 118-123. (In Eng.) DOI: https://doi.org/10.1109/ICoAC44903.2018.8939109
[6] Mangrulkar N.S., Bhagat Patil A.R., Pande A.S. Network Attacks and Their Detection Mechanisms: A Review. International Journal of Computer Applications. 2014; 90(9):37-39. (In Eng.) DOI: https://doi.org/10.5120/15606-3154
[7] Munz G., Carle G. Real-time Analysis of Flow Data for Network Attack Detection. In: 2007 10th IFIP/IEEE International Symposium on Integrated Network Management. Munich, Germany; 2007. p. 100-108. (In Eng.) DOI: https://doi.org/10.1109/INM.2007.374774
[8] Gruzdev S.P., Sheluhin O.I. Binary Classification of Computer Attacks to Information Resources Using Fuzzy logic. Telekommunikacii i informacionnye tehnologii = Telecommunications and information technologies. 2019; 6(2):115-122. Available at: https://elibrary.ru/item.asp?id=42206780 (accessed 01.11.2020). (In Russ., abstract in Eng.)
[9] Branitskiy A., Kotenko I. Network Attack Detection Based on Combination of Neural, Immune and Neuro-fuzzy Classifiers. Information and Control Systems. 2015; (4):69-77. (In Russ., abstract in Eng.) DOI: https://doi.org/10.15217/issn1684-8853.2015.4.69
[10] Wang G., Hao J., Ma J., Huang L. A New Approach to Intrusion Detection Using Artificial Neural Networks and Fuzzy Clustering. Expert Systems with Applications. 2010; 37(9):6225-6232. (In Eng.) DOI: https://doi.org/10.1016/j.eswa.2010.02.102
[11] Alsirhani A., Sampalli S., Bodorik P. DDoS Detection System: Using a Set of Classification Algorithms Controlled by Fuzzy Logic System in Apache Spark. IEEE Transactions on Network and Service Management. 2019; 16(3):936-949. (In Eng.) DOI: https://doi.org/10.1109/TNSM.2019.2929425
[12] Levonevskiy D.K., Fatkieva R.R., Ryzhkov S.R. Network attacks detection using fuzzy logic. In: 2015 XVIII International Conference on Soft Computing and Measurements (SCM). St. Petersburg, Russia; 2015. Pp. 243-244. (In Eng.) DOI: https://doi.org/10.1109/SCM.2015.7190470
[13] Mkuzangwe N.N.P., Nelwamondo F.V. A Fuzzy Logic Based Network Intrusion Detection System for Predicting the TCP SYN Flooding Attack. In: Nguyen N., Tojo S., Nguyen L., Trawiński B. (ed.) Intelligent Information and Database Systems. ACIIDS 2017. Lecture Notes in Computer Science. 2017; 10192:14-22. Springer, Cham. (In Eng.) DOI: https://doi.org/10.1007/978-3-319-54430-4_2
[14] Balan E.V., Priyan M.K., Gokulnath C., Devi G.U. Fuzzy Based Intrusion Detection Systems in MANET. Procedia Computer Science. 2015; 50:109-114. (In Eng.) DOI: https://doi.org/10.1016/j.procs.2015.04.071
[15] Singh R., Singh J., Singh R. Fuzzy Based Advanced Hybrid Intrusion Detection System to Detect Malicious Nodes in Wireless Sensor Networks. Wireless Communications and Mobile Computing. 2017; 2017:3548607. (In Eng.) DOI: https://doi.org/10.1155/2017/3548607
[16] Moustafa N., Slay J. UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: 2015 Military Communications and Information Systems Conference (MilCIS). Canberra, ACT, Australia; 2015. p. 1-6. (In Eng.) DOI: https://doi.org/10.1109/MilCIS.2015.7348942
[17] Talagaev Yu.V. Analysis and synthesis of superstable Takagi - Sugeno fuzzy systems. Problemy Upravleniya = Control Sciences. 2016; (6):2-11. Available at: https://elibrary.ru/item.asp?id=27346259 (accessed 01.11.2020). (In Russ., abstract in Eng.)
[18] Chiang T.-S., Liu P., Yang C-E. Learning convergence analysis for Takagi-Sugeno Fuzzy Neural Networks. In: 2012 IEEE International Conference on Fuzzy Systems. Brisbane, QLD, Australia; 2012. p. 1-6. (In Eng.) DOI: https://doi.org/10.1109/FUZZ-IEEE.2012.6251318
[19] Soldatova O.P., Shepelev Yu.M. An Algorithm of Rule Base Minimization for Takagi-Sugeno-Kang Fuzzy Neural Network. In: EUROPEAN RESEARCH. Proceedings of the X International scientific-practical conference. Nauka i Prosveshhenie, Penza; 2017. Part 3. p. 46-49. Available at: https://www.elibrary.ru/item.asp?id=29224790 (accessed 01.11.2020). (In Russ., abstract in Eng.)
[20] Subbotin S.A. Method of Neuro-fuzzy Model Synthesis of Quantative Dependences for Diagnostics and Prediction Problems Solving. Radio Electronics, Computer Science, Control. 2010; (1):121-127. (In Eng.) DOI: https://doi.org/10.15588/1607-3274-2010-1-22
[21] Ketata R., Bellaaj H. Fuzzy Approach for 802.11 Wireless Intrusion Detection. i-manager's. Journal on Software Engineering. 2007; 2(2):49-55. (In Eng.) DOI: https://doi.org/10.26634/jse.2.2.567
[22] de Campos Souza P.V., Guimarães A.J., Rezende T.S., Silva Araujo V.J., Araujo V.S. Detection of Anomalies in Large-Scale Cyberattacks Using Fuzzy Neural Networks. AI. 2020; 1(1):92-116. (In Eng.) DOI: https://doi.org/10.3390/ai1010005
[23] ViswaBharathy A.M., Bhavani R. Fixed Neuro Fuzzy Classification Technique For Intrusion Detection Systems. International Journal of Scientific & Technology Research. 2019; 8(10):450-455. Available at: http://www.ijstr.org/final-print/oct2019/Fixed-Neuro-Fuzzy-Classification-Technique-For-Intrusion-Detection-Systems.pdf (accessed 01.11.2020). (In Eng.)
[24] Belej Ol., Нalkiv L. Development of a Network Attack Detection System Based on Hybrid Neuro-Fuzzy Algorithms. CEUR Workshop Proceedings. Proceedings of The Third International Workshop on Computer Modeling and Intelligent Systems (CMIS-2020). Zaporizhzhia, Ukraine, April 27-May 1, 2020. 2020; 2608:926-938. Available at: http://ceur-ws.org/Vol-2608/paper69.pdf (accessed 01.11.2020). (In Eng.)
[25] Upasani N., Om H. A modified neuro-fuzzy classifier and its parallel implementation on modern GPUs for real time intrusion detection. Applied Soft Computing. 2019; 82:105595. (In Eng.) DOI: https://doi.org/10.1016/j.asoc.2019.105595