Framework for Fuzzy Rule Based Automatic Intrusion Response Selection System (FRAIRSS) using Fuzzy Analytic Hierarchy Process and Fuzzy TOPSIS

Abstract

Intrusion Detection System (IDS) detects the intrusions and produces alerts. Automated Intrusion Response System (AIRS) selects and triggers the appropriate response based on some criteria to mitigate the intrusion without delay. The big challenges in the automated response selection process are a precise measurement of importance weight for each criterion and response prioritization for the specific category of attacks. Analytic hierarchy process (AHP) uses the pair-wise comparison of each criterion and does not require the accurate quantification but is unable to handle the vagueness or uncertainty in the importance judgment. This paper presents the framework called Fuzzy Rule-Based Automatic Intrusion Response Selection System (FRAIRSS) for automated response selection. Fuzzy AHP model has been created in order to deal with precise measurement and uncertainty in the importance judgment of each criterion. Fuzzy TOPSIS (Technique for Order of Preference by Similarity to Ideal Solution) multi-criteria decision making (MCDM) approach has been applied in order to resolve the response prioritization. Fuzzy Rule-based inference system is modeled to select the appropriate response from the prioritized response sets for each category of attacks. The framework has been simulated in MATLAB with various attack scenarios and it is found that FRAIRSS is selecting most appropriate response under the given attack scenarios.

Keywords

Intrusion response system Fuzzy AHP Fuzzy Rule-Based inference system response prioritization importance weight of response selection criteria

Get full access to this article

View all access options for this article.

References

PWC, Turnaround and transformation in cybersecurity, Global State of Information Security Survey, 2016.

Shameli-Sendi

, Cheriet

and Hamou-Lhadj

, Taxonomy of intrusion risk assessment and response system, Journal of Computers & Security, Elsevier 45 (2014), 1–16.

Singh

D.K.

and Kaushik

, Analysis of decision making factors for automated intrusion response system (AIRS): A review, International Journal of Computer Science and Information Security 14(6) (2016), 471–478.

Justina

Ikuomola, A., Simon and Sodiya, A Credible Cost-Sensitive Model For Intrusion Response Selection, IEEE, Fourth International Conference CASoN 2012, pp. 222–227.

Sun

and Zhang

, Automatic Intrusion Response System Based on Aggregation and Cost, International Conference on Information and Automation, IEEE 2008, pp. 1783–1786.

Foo

, Wu

, Mao

, Bagchi

and Spafford

, ADEPTS: Adaptive Intrusion Response using Attack Graphs in an ECommerce Environment, , International Conference on Dependable Systems and Networks, IEEE 2005, pp.508–517.

, Xiao

, Xu

, Peng

and Zhuang

, Automated Intrusion Response Decision Based on the Analytic Hierarchy Process, International Symposium on Knowledge Acquisition and Modeling Workshop, IEEE (2008), pp. 574–577.

, Shuai

and Liu

, Analysis of Response Factors in Intrusion Response Decision-Making, Third International Conference on Computational Science and Optimization, IEEE 2010, pp. 395–399.

and Li

, An intrusion response decision-making model based on hierarchical task network planning, Journal of Expert Systems with Applications, Elsevier 37(3) (2010), 2465–2472.

10.

Zeng-quan

, Hui-Qiang

and Rui-Jie

, Analysis of an Intelligent Agent Intrusion Response System, IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology 2006.

11.

Saaty

T.L.

, The Analytic Hierarchy Process, McGraw-Hill International Book Company, New York. 1980.

12.

Kaufmann

, Gupta

A.M.M.

, Fuzzy Mathematical Models in Engineering and Management Science, Elsevier Science Publishers, North-Holland. Amsterdam, 1988.

13.

Chang

D.Y.

, Applications of the extent analysis method on fuzzy AHP, European Journal of Operational Research, Elsevier 95(3) (1996), 649–655.

14.

Mustafa

B.A.

, A fuzzy AHP approach for supplier selection problem: A case study in a gear motor company, IJMVSC 4(3) (2013), 11–23.

15.

Phanarut

and Wannasiri

, Applying fuzzy analytic hierarchy process to evaluate and select product of notebook computers, International Journal of Modeling and Optimization 2(2) (2012), 168–173.

16.

Shameli-Sendi

and Michel

, ORCEF: Online response cost evaluation framework for intrusion response system, Journal of Network and Computer Applications, Elsevier 55 (2015), 89–107.

17.

Shameli-Sendi and Michel

, ARITO: Cyber-attack response system using accurate risk impact tolerance, IJIS, Springer 13(4) (2013), 367–390.

18.

Mohamed

, Abdelhak

and T.

, How to Select Web Services Intelligently on the basis of a Brain Inspired Method for Solving Fuzzy Multi-Criteria Decision Making Problems, SAI Conference (IntelliSys), London. IEEE, 2015, pp. 141–149.

19.

Velasquez

and Patrick

T.H.

, An analysis of multi-criteria decision making methods, International Journal of Operations Research 10(2) (2013), 56–66.

20.

Caterino

, Iervolino

, Manfredi

and Cosenza

, A Comparative Analysis of Decision Making Methods for the Seismic Retrofit of RC Buildings, Beijing, China, The 14th World Conference on Earthquake Engineering 2008.

21.

Patil

and Srinivasaraghavan

, Smart Traffic Controller using Fuzzy Inference System (STCFIS), 2nd International Conference on NGCT, IEEE 2016, pp. 335–340.

22.

Sivanandam

S.N.

, Sumathi

and Deepa

S.N.

, Introduction to Fuzzy Logic using MATLAB, Springer, Edition 1. 2007.