Intrusion Detection in High-Speed Big Data Networks: A Comprehensive Approach
In network intrusion detection research, two characteristics are generally considered vital to build efficient intrusion detection systems (IDSs) namely, optimal feature selection technique and robust classification schemes. However, an emergence of sophisticated network attacks and the advent of big data concepts in anomaly detection domain require the need to address two more significant aspects. They are concerned with employing appropriate big data computing framework and utilizing contemporary dataset to deal with ongoing advancements. Based on this need, we present a comprehensive approach to build an efficient IDS with the aim to strengthen academic anomaly detection research in real-world operational environments. The proposed system is a representative of the following four characteristics: It (i) performs optimal feature selection using branch-and-bound algorithm; (ii) employs logistic regression for classification; (iii) introduces bulk synchronous parallel processing to handle computational requirements of large-scale networks; and (iv) utilizes real-time contemporary dataset named ISCX-UNB to validate its efficacy.
KeywordsAnomaly detection Network intrusion detection systems Bulk synchronous parallel BSP Big data ISCX-UNB dataset Darpa KDD Cup ’99
- 3.Grahn, K., Westerlund, M., Pulkkis, G.: Analytics for network security: a survey and taxonomy. In: Information Fusion for Cyber-Security Analytics, pp. 175–193. Springer (2017)Google Scholar
- 6.Anderson, J.P.: Computer security threat monitoring and surveillance. vol. 17. Technical report, James P. Anderson Company, Fort Washington, Pennsylvania (1980)Google Scholar
- 8.Liu, H.: Instance Selection and Construction for Data Mining (2010)Google Scholar