An enhanced fuzzy ARM approach for intrusion detection

N.S. Abouzakhar, H. Chen, B. Christianson

Research output: Contribution to journalArticlepeer-review

2 Citations (Scopus)


The integration of fuzzy logic with data mining methods such as association rules has achieved interesting results in various digital forensics applications. As a data mining technique, the association rule mining (ARM) algorithm uses ranges to convert any quantitative features into categorical ones. Such features lead to the sudden boundary problem, which can be smoothed by incorporating fuzzy logic so as to develop interesting patterns for intrusion detection. This paper introduces a Fuzzy ARM-based intrusion detection model that is tested on the CAIDA 2007 backscatter network traffic dataset. Moreover, the authors present an improved algorithm named Matrix Fuzzy ARM algorithm for mining fuzzy association rules. The experiments and results that are presented in this paper demonstrate the effectiveness of integrating fuzzy logic with association rule mining in intrusion detection. The performance of the developed detection model is improved by using this integrated approach and improved algorithm.
Original languageEnglish
Pages (from-to)41-61
Number of pages21
JournalInternational Journal of Digital Crime and Forensics
Issue number2
Publication statusPublished - 1 Apr 2011


  • algorithms
  • cybercrime detection
  • forensic computing
  • intrusion detection
  • matrix fuzzy ARM


Dive into the research topics of 'An enhanced fuzzy ARM approach for intrusion detection'. Together they form a unique fingerprint.

Cite this