Amalgamation of IDS Classification with Fuzzy Techniques for Sequential Pattern Mining

Intrusion detection system has been a powerful weapon to protect networks from attacks and has gained more and more attention. Data mining has been proven as an important method to detect intrusions. Fuzzy logic based methods together with the techniques from Artificial Intelligence have gained importance. Sequential pattern mining, which discovers frequent subsequences as patterns in a sequence database, is useful in discovering audit patterns along with time from network audit databases. Intrusion detection system uses Boolean logic in determining whether or not an intrusion is detected and the use of fuzzy logic has been investigated as an alternative. Fuzzy logic addresses the formal principles of approximate reasoning. It provides a sound foundation to handle imprecision and vagueness as well as mature inference mechanisms using varying degrees of truth. Because boundaries are not always clearly defined, fuzzy logic can be used to identify complex pattern or behavior variations. Accordingly, Chen et al. have proposed a fuzzy time-interval (FTI) sequential pattern mining algorithms, which reveals the time intervals between successive patterns [12][13]. In this paper, we contributed to the ongoing research on FTI sequential pattern mining by proposing an algorithm to detect and classify audit sequential patterns in network traffic data. The paper defines the confidence of the FTI audit sequences, which is not yet defined in the previous researches.