A comprehensive survey of network traffic anomalies and DDoS attacks detection schemes using fuzzy techniques

Abstract

Anomaly intrusion detection systems are a class of intrusion detection systems that do not rely on the security attacks' signatures and focus on finding unknown malicious behaviors and attacks. In this context, some of the anomaly detection schemes benefit from various fuzzy data mining and statistical methods to deal with ambiguity in the intrusion detection process. The main objective of this article is to put forward an extensive and structured survey of the fuzzy logic-based network traffic anomaly and Distributed Denial of Service (DDoS) attack detection approaches. It groups the investigated scheme concerning the fuzzy techniques applied to deal with network anomalies and DDoS attacks. It illuminates how the fuzzy network anomaly detection approaches have integrated various techniques such as classifiers, feature selection/extraction methods, and statistical and clustering algorithms to find anomalous traffic. Besides, the significant challenges, issues, and ideas in network anomaly detection are discussed. Lastly, several future research topics are provided to better lead the subsequent studies in this context.