Intelligent Cyber Threat Assessment Using Fuzzy Logic
摘要
In today’s threat landscape, cyber‐attackers deploy increasingly sophisticated, multi‐vector campaigns that conventional, rule‐based defenses struggle to contain. Although fuzzy logic has shown promise in translating vague security signals into quantifiable risk levels, most existing systems lack the capacity to adjust on the fly to fresh threat intelligence. To close this gap, we present a unified architecture that interlaces fuzzy inference, data‐mining feature extraction, and live threat‐feed integration. At its core lies a three‐tier fuzzy evaluation scheme: expert judgments on criteria—Detection Accuracy, Adaptability, Scalability, Resource Consumption, Response Time, and Automation—are converted into weighted priorities via a Fuzzy AHP process; competing IDS configurations are then scored and ranked through a Fuzzy TOPSIS mechanism under continually updated threat contexts. Guided by three key questions—how to meld fuzzy logic with data‐mining and live intelligence, how this fusion reshapes IDS performance under shifting attack conditions, and how real‐time inputs recalibrate fuzzy membership boundaries—our framework was exercised in both simulated environments and realistic traffic scenarios. The results demonstrate up to a 7% boost in detection rates, an 18–21% drop in both false‐alarm frequency and response latency, and a 10–15% gain in computational efficiency compared to baseline systems. These gains confirm that dynamic rule refinement and multi‐criteria optimization can substantially elevate intrusion‐detection efficacy. At the same time, our evaluation surfaced critical challenges—chiefly the complexity of ingesting heterogeneous threat feeds without incurring prohibitive overhead, and the need for automated rule evolution to maintain accuracy as attackers innovate. To address these, we propose extending the architecture with machine‐learning‐driven rule‐generation modules and lightweight, high‐order fuzzy models suited for edge deployments. By bridging static evaluation paradigms with live, adaptive decision‐making, this work lays the groundwork for intrusion‐detection systems that are not only more resilient but also more responsive to the ever‐evolving cyber threat landscape.