FLORA: Fuzzy Logic - Objective Risk Analysis for Intrusion Detectionand Prevention

Abstract

Abstract The rapid take-up of cloud computing and theevolution of the Internet of Things (IoT) has had an alarming impact on society globally in recent years, which hasled to inescapable and relentless cyber-attacks against dataand information systems, posing a devastating safety, protection and security impact with serious consequences in allsectors depending on Information Communication Technology (ICT). It is only a matter of time before the security ofdata, information systems, and cloud computing platformsand their supporting networks, become increasingly significant as high-value assets, as the number of security breachesescalates to new heights. Invasive and continuous cyber-attacks on information systems and critical infrastructurescontinuously cause damaging impacts across multiple sectors. Traditional protection mechanisms like firewalls andencryption systems have proved vulnerable and to a large extent ineffective to counter sophisticated cyber-attacks. Datasecurity and information systems require a highly protectiveand safer security system such as an Intrusion Detection andPrevention System (IDPS) to minimize risk to its absoluteminimum. A well-formulated and designed security systemwith the correct set of policies and strategies for an IDPS hasalso been deemed an extremely useful mechanism in monitoring and recording digital forensic evidence, which can beused in legal prosecution proceedings in different jurisdictions. Such an IDPS can also provide a high detection rate indetecting various classes of cyber-attack attempts. However,in many cases, it is apparent that the performance of IDPSis hampered by an increasing volume of false alarm rates ifit is not properly designed. This indicates a serious concernin ICT security systems since every false alarm can result ina severe impact on the system and its performance. This research proposes the implementation of a unique Fuzzy Logic-Objective Risk Analysis (FLORA) novel technique that canae-mail: ambamhdi@uqu.edu.sareduce false alarm rates during intrusion detection activitiesto a minimum, yet maintain total security at a high level against serious attacks. The highest percentage of error in fuzzymodel prediction is rated at 0.32%. The low level of errorsshows that fuzzy logic predicting countermeasure results isvery close to the actual experimental countermeasure values.The FLORA model accuracy with a rate of 90.11% demonstrates the vulnerability of a system with a very high levelof confidence, and on average it detects DDoS attacks with90.58% accuracy compared to other forms of DDoS attackdetection systems.