Fuzzy risk analysis of computer security threats

In recent years, security problems continue. to receive increasing coverage in both the popular and technical media. A large part of the problem is that current techniques are external, and not internal. The Computer immunology model based on finite automaton technique can be used to detect anomaly intrusions from masqueraders. A key mechanism in this immunity process is the ability to distinguish between self (i.e. normal organisms or behaviors) and non-self (i.e. abnormal or anomalous behavior). Based on the model, the paper further presents a novel fuzzy risk analysis approach to evaluate the threat as linguistic terms. The fuzzy threat output and some linguistic terms denoting threat levels are converted into generalized fuzzy numbers. A linguistic term that has the highest similarity with the output is selected as the overall threat. The experiment of masquerader detection conducted in a real environment show the very promising results with a high detection rate and a very low false alarm rate.