Intrusion detection system based on HMM with fuzzy inference

in this paper we tried to provide an intrusion detection system for network transited traffic that achieves the low false positive rate with having high attack detection rate.This system will identify anomalies by monitoring network transited traffic. So, Features extracted from the network transited traffic by the number of HMM, are modeled as aClassifier ensemble. Then by integrating the outputs of the HMM within a group, Possible value is generated. In this systemeach feature receives a weight and rather than a threshold value, using the fuzzy inference to decide between normal andabnormal network transited traffic. So at first, the fuzzy rules ofdecide module are formed manually and based on the value of the security of extraction feature. Then probability output ofeach HMM groups converted to fuzzy values according to fuzzy rules. These values are applied by a fuzzy inference engine andconverted to an output indicating the being normal or abnormal of network transited traffic.Experiments show that the proposedsystem in detecting attacks that are the main candidate error is working well. Also, measures recall, precision and F1-measure respectively with 100%, 99.38% and 99.69% will pass. Finally, attack detection rate close to 100% and false positive rate of 0.62%, showing that the proposed system is improved compared to previous systems