A survey and taxonomy of the fuzzy signature-based Intrusion Detection Systems

Organizations that benefit from information technologies are vulnerable to various attacks and malicious behaviors. Intrusion Detection Systems (IDS) are one of the main lines of defense which in conjunction with firewalls and other security components are applied to deal with intrusions and unauthorized misbehaviors. Misuse detection is one of the main branches of the intrusion detection which intends to prevent known security attacks regarding their previously known signatures. This paper presents a comprehensive investigation of the fuzzy misuse detection schemes designed using various machine learning and data mining techniques to deal with different kinds of intrusions. For this purpose, it first presents the key points and knowledge about intrusion detection and then classifies the fuzzy misuse detection approaches regarding their applied fuzzy techniques and algorithms. Then, it illustrates the major contributions of the fuzzy IDS schemes and illuminates their merits and limitations. Besides, in each section, the comparison of their applied datasets, performance evaluation factors, feature extraction methods as well as the type of fuzzy logic controller (FLC) and membership functions are provided. Finally, the concluding issues and the directions for future researches are highlighted. (C) 2020 Published by Elsevier B.V.