Anomaly Upload Behavior Detection Based on Fuzzy Inference

Anomaly behavior detection is a key step in building a secure and reliable system when a user operates the server system. If a hacker uploads a file containing malicious code during an attack, it will pose a huge threat to the computer system and cannot be detected only by file extension. To solve this problem, this paper proposes a novel anomaly upload behavior detection method that establishes an upload behavior detection model by the fuzzy inference algorithm. In general, membership functions of the fuzzy inference algorithm are directly given by expert's experience. Furthermore, we investigate an improved method for determining membership function, which is obtained by statistical and curve fitting of historical data, to facilitate user's real behavior pattern recognition in the upload behavior detection model. This method does not require calibration of historical data and can be well adapted to different application scenarios. We evaluate the performance of our method via extensive simulations and real-world experiments, whose results demonstrate the feasibility and effectiveness of the proposed method.