Hadoop based real-time intrusion detection for high-speed networks

M. Mazhar Rathore, Anand Paul, Awais Ahmad, Seungmin Rho, Muhammad Imran, Mohsen Guizani

Research output: Contribution to journal › Conference article › peer-review

15 Scopus citations

Abstract

The rate of data generation is growing enormously owing to the number of internet users and the speed of the internet. This increases the possibility of intrusions causing serious financial damage. Detecting intruders in such high-speed data networks is a challenging task. Therefore, in this paper, we present a high-speed Intrusion Detection System (IDS) capable of working in a Big Data environment. The system design contains four layers: the capturing layer, the filtration and load balancing layer, the processing layer, and the decision-making layer. The nine best parameters for classifying intruder flows are selected using FSR and BER, as well as by analyzing the DARPA datasets. Among various machine learning approaches, the proposed system performs well on REPTree and J48 using the proposed features. The system evaluation and comparison results show that the system has better efficiency and accuracy compared to existing systems, with an overall 99.9 % true positives and less than 0.001 % false positives using REPTree.

Original language: English
Article number: 7841864
Journal: Proceedings - IEEE Global Communications Conference, GLOBECOM
State: Published - 2016
Event: 59th IEEE Global Communications Conference, GLOBECOM 2016 - Washington, United States
Duration: 4 Dec 2016 to 8 Dec 2016

Keywords

  • Big Data
  • Intrusion Detection
  • Machine Learning
  • Network Threats
