Enhanced Adaptive Neuro-Fuzzy Inference System Classification Method for Intrusion Detection

Nowadays, the rapid advancement of technologies such as e-commerce, mobile payments, cloud computing, big data and analytics, IoT, AI, machine learning, and social media has greatly contributed to economic growth. However, it has also resulted in an increased frequency of cyberattacks. In order to e...

Full description

Saved in:
Bibliographic Details
Main Author: Jia, Liu
Format: Thesis
Language:English
English
English
Published: 2024
Subjects:
Online Access:http://ir.unimas.my/id/eprint/44484/7/Thesis%20PhD_Liu%20Jia%20-%2024%20pages.pdf
http://ir.unimas.my/id/eprint/44484/8/Thesis%20PhD_Liu%20Jia.dsva.pdf
http://ir.unimas.my/id/eprint/44484/9/Thesis%20PhD_Liu%20Jia.ftext.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
id my-unimas-ir.44484
record_format uketd_dc
institution Universiti Malaysia Sarawak
collection UNIMAS Institutional Repository
language English
English
English
topic QA76 Computer software
spellingShingle QA76 Computer software
Jia, Liu
Enhanced Adaptive Neuro-Fuzzy Inference System Classification Method for Intrusion Detection
description Nowadays, the rapid advancement of technologies such as e-commerce, mobile payments, cloud computing, big data and analytics, IoT, AI, machine learning, and social media has greatly contributed to economic growth. However, it has also resulted in an increased frequency of cyberattacks. In order to ensure network security, intrusion detection has become a crucial technology. However, due to the inherent uncertainty in distinguishing between normal and abnormal behaviours, intrusion detection problems can be considered as fuzzy classification problems. Many traditional classification methods are inadequate in handling this fuzziness, leading to suboptimal performance in intrusion detection. To address this issue, the Adaptive-Network-based Fuzzy Inference System (ANFIS) has emerged as a promising approach. ANFIS combines the uncertainty processing ability of fuzzy logic with the learning process of Neural Networks (NNs). It has demonstrated excellent performance in various domains, including intrusion detection. However, due to the constraint of having only 5 layers, ANFIS is unable to identify higher-level and more abstract representations of the data. To address this problem, this study first uses CART (Classification and Regression Tree) to enhance the depth of ANFIS, providing a deeper and interpretable hybrid architecture. The method is then compared to single CART, single ANFIS, BPNN, GA-ANFIS, PSO-ANFIS, and CSO-ANFIS. The results demonstrate a detection rate of 99.86% and a false alarm rate of 0.14% on the intrusion detection dataset, KDDTrain+, which is one of the most widely used benchmark datasets. The proposed method outperforms CSO-ANFIS by exhibiting a 4.06% higher detection rate (improving from 95.80%) and a 2.31% lower false alarm rate (compared to 3.45%). On the KDDTest+ dataset, the proposed method also outperforms single CART and ANFIS in terms of various metrics other than precision. Since the CART tree is a binary tree, it can only represent the relationship between data through a split based on a single attribute at a single tree node. Therefore, this binary tree cannot analyse complex features of mixed attributes and restricts the CART tree's deep-level feature recognition ability. Although the combination of ANFIS and CART provides deeper feature recognition for ANFIS, it still lacks the ability to recognize deep-level features and mixed-attribute features due to the limitations of both ANFIS and CART. Therefore, deep-level feature analysis, recognizing complex and mixed factors, has essential research value and significance for improving the efficiency and accuracy of intrusion detection. This study further enhances the depth of ANFIS and identifies deep features by using the ResNet (Residual Network) with ANFIS. The proposed hybrid model is able to deepen the structure of ANFIS and provide a deep and hybrid architecture. A comparison study with the proposed method with MVO-ANN, FC-ANN, DN, CSO-ANFIS, single ANFIS and single ResNet is conducted. The results show improved performance with a 10.68% better detection rate (improving from 88.2%) and a 10.68% lower false alarm rate (compared to 11.79%) than a single ANFIS. Furthermore, the proposed method outperforms MVO-ANN, FC-ANN, DN, CSO-ANFIS, single ANFIS, and single ResNet in terms of detection rate, F1-score, and recall rate. Additionally, standard deviation and proposed adaptive K-means algorithms have been employed to minimize the generated rules by ANFIS from the proposed hybrid models. This approach can dynamically minimize the interval number of each continuous attribute. As a result, the number of fuzzy rules generated by ANFIS is reduced, subsequently improving the training and prediction efficiency of the proposed hybrid models.
format Thesis
qualification_name Doctor of Philosophy (PhD.)
qualification_level Doctorate
author Jia, Liu
author_facet Jia, Liu
author_sort Jia, Liu
title Enhanced Adaptive Neuro-Fuzzy Inference System Classification Method for Intrusion Detection
title_short Enhanced Adaptive Neuro-Fuzzy Inference System Classification Method for Intrusion Detection
title_full Enhanced Adaptive Neuro-Fuzzy Inference System Classification Method for Intrusion Detection
title_fullStr Enhanced Adaptive Neuro-Fuzzy Inference System Classification Method for Intrusion Detection
title_full_unstemmed Enhanced Adaptive Neuro-Fuzzy Inference System Classification Method for Intrusion Detection
title_sort enhanced adaptive neuro-fuzzy inference system classification method for intrusion detection
granting_institution Universiti Malaysia Sarawak
granting_department Faculty of computer science and technology
publishDate 2024
url http://ir.unimas.my/id/eprint/44484/7/Thesis%20PhD_Liu%20Jia%20-%2024%20pages.pdf
http://ir.unimas.my/id/eprint/44484/8/Thesis%20PhD_Liu%20Jia.dsva.pdf
http://ir.unimas.my/id/eprint/44484/9/Thesis%20PhD_Liu%20Jia.ftext.pdf
_version_ 1804888429278789632
spelling my-unimas-ir.444842024-03-25T06:53:40Z Enhanced Adaptive Neuro-Fuzzy Inference System Classification Method for Intrusion Detection 2024-03-20 Jia, Liu QA76 Computer software Nowadays, the rapid advancement of technologies such as e-commerce, mobile payments, cloud computing, big data and analytics, IoT, AI, machine learning, and social media has greatly contributed to economic growth. However, it has also resulted in an increased frequency of cyberattacks. In order to ensure network security, intrusion detection has become a crucial technology. However, due to the inherent uncertainty in distinguishing between normal and abnormal behaviours, intrusion detection problems can be considered as fuzzy classification problems. Many traditional classification methods are inadequate in handling this fuzziness, leading to suboptimal performance in intrusion detection. To address this issue, the Adaptive-Network-based Fuzzy Inference System (ANFIS) has emerged as a promising approach. ANFIS combines the uncertainty processing ability of fuzzy logic with the learning process of Neural Networks (NNs). It has demonstrated excellent performance in various domains, including intrusion detection. However, due to the constraint of having only 5 layers, ANFIS is unable to identify higher-level and more abstract representations of the data. To address this problem, this study first uses CART (Classification and Regression Tree) to enhance the depth of ANFIS, providing a deeper and interpretable hybrid architecture. The method is then compared to single CART, single ANFIS, BPNN, GA-ANFIS, PSO-ANFIS, and CSO-ANFIS. The results demonstrate a detection rate of 99.86% and a false alarm rate of 0.14% on the intrusion detection dataset, KDDTrain+, which is one of the most widely used benchmark datasets. The proposed method outperforms CSO-ANFIS by exhibiting a 4.06% higher detection rate (improving from 95.80%) and a 2.31% lower false alarm rate (compared to 3.45%). On the KDDTest+ dataset, the proposed method also outperforms single CART and ANFIS in terms of various metrics other than precision. Since the CART tree is a binary tree, it can only represent the relationship between data through a split based on a single attribute at a single tree node. Therefore, this binary tree cannot analyse complex features of mixed attributes and restricts the CART tree's deep-level feature recognition ability. Although the combination of ANFIS and CART provides deeper feature recognition for ANFIS, it still lacks the ability to recognize deep-level features and mixed-attribute features due to the limitations of both ANFIS and CART. Therefore, deep-level feature analysis, recognizing complex and mixed factors, has essential research value and significance for improving the efficiency and accuracy of intrusion detection. This study further enhances the depth of ANFIS and identifies deep features by using the ResNet (Residual Network) with ANFIS. The proposed hybrid model is able to deepen the structure of ANFIS and provide a deep and hybrid architecture. A comparison study with the proposed method with MVO-ANN, FC-ANN, DN, CSO-ANFIS, single ANFIS and single ResNet is conducted. The results show improved performance with a 10.68% better detection rate (improving from 88.2%) and a 10.68% lower false alarm rate (compared to 11.79%) than a single ANFIS. Furthermore, the proposed method outperforms MVO-ANN, FC-ANN, DN, CSO-ANFIS, single ANFIS, and single ResNet in terms of detection rate, F1-score, and recall rate. Additionally, standard deviation and proposed adaptive K-means algorithms have been employed to minimize the generated rules by ANFIS from the proposed hybrid models. This approach can dynamically minimize the interval number of each continuous attribute. As a result, the number of fuzzy rules generated by ANFIS is reduced, subsequently improving the training and prediction efficiency of the proposed hybrid models. Universiti Malaysia Sarawak 2024-03 Thesis http://ir.unimas.my/id/eprint/44484/ http://ir.unimas.my/id/eprint/44484/7/Thesis%20PhD_Liu%20Jia%20-%2024%20pages.pdf text en public http://ir.unimas.my/id/eprint/44484/8/Thesis%20PhD_Liu%20Jia.dsva.pdf text en staffonly http://ir.unimas.my/id/eprint/44484/9/Thesis%20PhD_Liu%20Jia.ftext.pdf text en validuser phd doctoral Universiti Malaysia Sarawak Faculty of computer science and technology