The integration of fuzzy logic with data mining methods such as association rules has achieved interesting results in various digital forensics applications. As a data mining technique, the association rule mining (ARM) algorithm uses ranges to convert any quantitative features into categorical ones. Such features lead to the sudden boundary problem, which can be smoothed by incorporating fuzzy logic so as to develop interesting patterns for intrusion detection. This paper introduces a Fuzzy ARM-based intrusion detection model that is tested on the CAIDA 2007 backscatter network traffic dataset. Moreover, the authors present an improved algorithm named Matrix Fuzzy ARM algorithm for mining fuzzy association rules. The experiments and results that are presented in this paper demonstrate the effectiveness of integrating fuzzy logic with association rule mining in intrusion detection. The performance of the developed detection model is improved by using this integrated approach and improved algorithm.
|Number of pages||21|
|Journal||International Journal of Digital Crime and Forensics|
|Publication status||Published - 1 Apr 2011|
- cybercrime detection
- forensic computing
- intrusion detection
- matrix fuzzy ARM