Abstract
In this paper, we propose a novel Intrusion Detection System (IDS) architecture utilizing both the evidence theory and Rough Set Theory (RST). Evidence theory is an effective tool in dealing with uncertainty question. It relies on the expert knowledge to provide evidences, needing the evidences to be independent, and this make it difficult in application. To solve this problem, a hybrid system of rough sets and evidence theory is proposed. Firstly, simplification are made based on Variable Precision Rough Set (VPRS) conditional entropy. Thus, the Basic Belief Assignment (BBA) for all evidences can be calculated. Secondly, Dempster’s rule of combination is used, and a decision-making is given. In the proposed approach, the difficulties in acquiring the BBAs are solved, the correlativity among the evidences is reduced and the subjectivity of evidences is weakened. An illustrative example in an intrusion detection shows that the two theories combination is feasible and effective.
Similar content being viewed by others
References
E. H. Spafford and D. Zamboni. Intrusion detection using autonomous agents. Computer Networks, 34(2000)4, 547–570.
Y. Wang, R. B. Smruti, and W. Johnny. Towards the automatic generation of mobile agents for distributed intrusion detection system. The Journal of Systems and Software, 79(2006), 1–14.
P. Dempster. Upper and lower probabilities induced by multivalued mappings. Annals of Mathematical Statistics, 38(1967)6, 325–339.
G. Shafer. A mathematical theory of evidence. Princeton, NJ, Princeton University Press, 1976, 4–10.
Z. Pawlak. Rough sets. Communications of ACM, 38 (1995)11, 89–95.
Wang Guoyin, Yu Hong, and Yang Dachun. Decision table simplification based on conditional entropy. Journal of Computer, 25(2002)7, 759–766 (in Chinese). 王国胤, 于洪, 杨大春. 基于条件信息熵的决策表约简. 计算机学报, 25(2002)7, 759–766.
Skowrom and J. Grzymalla. From rough set theory to evidence theory-advances in the Dempster-Shafer theory of evidence. New York, John Wiley & Sons Inc., 1994, 25–35.
Y. Y. Yao and P. J. Lingras. Interpretations of belief functions in the theory of rough sets. Information Sciences, 104(1998)2, 81–106.
Author information
Authors and Affiliations
Corresponding author
Additional information
Supported by the National Natural Science Foundation of China (No. 60774029).
Communication author: Ye Qing, born in 1978, male, Ph.D..
About this article
Cite this article
Ye, Q., Wu, X. & Zhang, C. An Intrusion Detection System based on evidence theory and Rough Set Theory. J. Electron.(China) 26, 777–781 (2009). https://doi.org/10.1007/s11767-009-0087-2
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11767-009-0087-2