An efficient intrusion detection model based on neutrosophic logic for optimal response from the arranged response set

Ali Alqazzaz^1*, Ibrahim Alrashdi²

¹College of Computing and Information Technology, University of Bisha, Bisha,

Saudi Arabia
²Department of Computer Science, College of Computer and Information Sciences, Jouf University, Sakaka 2014, Saudi Arabia

  Emails: aqzaz@ub.edu.sa;  irrashdi@ju.edu.sa

Abstract

While an Automated Intrusion Response System (AIRS) chooses and initiates a suitable reaction from the pool of response groups based on specific response choice requirements to reduce the intrusion immediately, an Intrusion Detection System (IDS) finds the intrusions and generates alerts. The accurate assessment of the critical weight of all responses chosen and the prioritization of the incursion response set are the biggest hurdles when creating an AIRS. This study suggested a multi-criteria decision-making (MCDM) method for ranking intrusion responses. The TOPSIS method is an MCDM method used to rank the alternatives. The TOPSIS method integrated with the single-valued neutrosophic set (SVNS) to overcome uncertainty. This study used 16 criteria and 10 alternatives to be evaluated by experts and decision-makers. The sensitivity analysis shows the rank of other options under different cases. The criteria weights are changed under 17 cases. The results of sensitivity analysis show the rank of alternatives is stable. The suggested method was compared with other MCDM methods to show its effectiveness and robustness.

Keywords: Intrusion Detection System; Security; Multi-Criteria Decision Making; Neutrosophic Logic; Intrusion Response.