Identifying Intrusions in Computer Networks Using Robust Fuzzy PCA

Abstract

It is well-known that intrusion detection systems are an effective way to detect malicious connections in a computer network. Different feature extraction techniques have been applied in the field of detection intrusions; the most common one is Principal Component Analysis (PCA). Nevertheless, PCA is restricted to linear principal components and suffers from sensitivity to noise and can be easily affected by outliers. To deal with the drawbacks of PCA many data dimensionality reduction methods have been proposed, among them we found Robust Fuzzy PCA (RFPCA) which employs fuzzy memberships in order to reduce the effect of outliers. Unfortunately, even though RFPCA showed satisfactory results, it still suffers from the influence of outliers. In fact, using an increasing function such as exponential function in the estimation of memberships will assign a big membership values to outliers, consequently, the obtained results can be skewed. In this paper, we suggest a new variant of Robust Fuzzy PCA (RFPCA) method for the purpose of network IDS. Extensive experiments on the two well known datasets i.e. KDDcup99 and NSL-KDD demonstrated that the proposed approach takes the advantage over RFPCA and PCA in terms of network attacks detection and false alarms reduction.