Abstract
Over the past decade, cybersecurity threats and vulnerabilities have significantly increased, primarily due to the widespread adoption of IoT and the expanding use of systems and networks. As technology advances, cyber attackers continually improve their attack methods. Cybersecurity professionals employ the same technologies as cyber attackers for defense purposes. Effectively addressing this challenge requires the development of reliable and comprehensive cybersecurity systems for detection and mitigation. To tackle this issue, a GNS3-Fuzzy Rule-Based Expert System was created, focusing on assessing the risk of each threat over time. The system involved simulating a Local Area Network in GNS3, where attacks were executed using Kali Linux. Throughout the attacks, key metrics such as PC to Server ping time, PC-to-PC ping time, and Download time were recorded and averaged. These metrics were then utilized as inputs and ranges in the fuzzy rule-based expert system. The fuzzy rule-based expert system was developed using the MATLAB software, the fuzzy logic toolbox, and the Simulink tool. The system’s output was the risk level associated with different threats. Based on the collected data and the developed system, it was observed that as the PC-to-server time, PC-to-PC time, and download time increase, there is a corresponding elevation in the risk level of the system. Implementing this proposed system provides a dependable and precise solution for detecting the risk level of threats posed to systems.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Abdymanapov, S., Muratbekov, M., Altynbek, S., Barlybaye, A.: Fuzzy expert system of information security risk assessment on the example of analysis learning management systems (2021)
Ahsan, M., et al.: Cybersecurity threats and their mitigation approaches using machine learning- a review. J. Cybersecur. Priv 2, 527–555 (2022)
Alali, M., et al.: Improving risk assessment of cyber security using fuzzy logic inference system. Comput. Secur. 74, 323–339 (2017)
Amna, A., Raul, V.: Cybercrime prevention in the kingdom of Bahrain via IR security audit plans. J. Theor. Appl. Inf. Technol. 65, 274–292 (2014)
Cai, K.: System failure engineering and fuzzy methodology: an introductory overview. Fuzzy Sets Syst. 83, 113–133 (1996)
Chakraborty, A., Biswas, A., Khan, A.K.: Artificial intelligence for cybersecurity: threats, attacks and mitigation. Computer Science\(>\)Cryptograph and Security (2022)
Chauhan, K.: Fuzzy approach for designing security framework, pp. 173–195 (2021)
Ding, S., Bunn, J.: Machine learning for cybersecurity: network-based botnet detection using time-limited flows. California Institute of Technology (2017)
Douligeris, C., Mitrokotsa, A.: DDoS attacks and defense mechanisms: classification and state-of-the-art. IEEE Comput. Netw. 44, 643–666 (2004)
Feng, B., et al.: Stopping the cyberattack in the early stage: assessing the security risks of social network users. Security and Communication Networks (2019)
Gao, M., Zhou, M.: Fuzzy intrusion detection based on fuzzy reasoning petri nets, pp. 1272–1277 (2003)
Goztepe, K.: Designing a fuzzy rule-based expert system for cyber security. Int. J. Inf. Secur. Sci. 1, 13–19 (2015)
Mirkovic, J., Reiher, P.: A taxonomy of DDoS attack and DDoS defense mechanisms. ACM SIGCOMM Comput. Commun. Rev. 34(2), 39–54 (2004)
Mlakic, D., Majdandzic, L.: Fuzzy rule based expert system for SCADA cyber security (2016)
Mudassar, M., Kankale, P.A., Gawande, P.: Computing the impact of security attack on network using fuzzy logic. Int. Res. J. Eng. Technol. (2016)
Obotivere, B., Nwaezeigwe, A.: Cybersecurity threats on the internet and possible solutions. IJARCEE 9, 92–97 (2020)
Riyaz, B., Ganapathy, S.: An intelligent fuzzy rule-based feature selection for effective intrusion detection. In: International Conference on Recent Trends in Advance Computing (ICRTAC), pp. 206–211 (2018)
Riyaz, B., Ganapathy, S.: An intelligent fuzzy rule-based feature selection for effective intrusion detection, pp. 206–211 (2018)
Riza, L.S., Bergmeir, C., Herrera, F., Benitez, J.: Fuzzy rule-based systems for classification and regression tasks (2019)
Shrestha, J.M., Noll, C., Roverso, J., Davide, A.: A methodology for security classification applied to smart grid infrastructures. Int. J. Crit. Infrastruct. Prot. 28, 100–342 (2020)
Tubis, A., et al.: Cyber-attacks risk analysis method for different levels of automation of mining processes in mines based on fuzzy theory use. Sensors 20, 7210 (2020)
Yasli, F., Bolat, B.: A risk analysis model for mining accidents using a fuzzy approach based on fault tree analysis. J. Enterp. Inf. Manag. 31, 577–594 (2018)
Zadeh, L.: Fuzzy sets. Inf. Control 8(3), 338–353 (1965)
Zhang, Y.: Optimization-time analysis for cybersecurity. IEEE Trans. Dependable Secure Comput. 19(4), 2365–2383 (2022)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Churu, M., Blaauw, D., Watson, B. (2024). A Review and Analysis of Cybersecurity Threats and Vulnerabilities, by Development of a Fuzzy Rule-Based Expert System. In: Debelee, T.G., Ibenthal, A., Schwenker, F., Megersa Ayano, Y. (eds) Pan-African Conference on Artificial Intelligence. PanAfriConAI 2023. Communications in Computer and Information Science, vol 2069. Springer, Cham. https://doi.org/10.1007/978-3-031-57639-3_7
Download citation
DOI: https://doi.org/10.1007/978-3-031-57639-3_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-57638-6
Online ISBN: 978-3-031-57639-3
eBook Packages: Computer ScienceComputer Science (R0)