Toward Bulk Synchronous Parallel-Based Machine Learning Techniques for Anomaly Detection in High-Speed Big Data Networks
1
Department of Information and Communication Engineering, Dongguk University, Seoul 04620, Korea
2
INRS-EMT, University of Quebec, Montreal, QC H5A 1K6, Canada
3
Korea Institute of Science and Technology Information, Daejeon 34141, Korea
*
Author to whom correspondence should be addressed.
Symmetry 2017, 9(9), 197; https://doi.org/10.3390/sym9090197
Received: 28 August 2017 / Revised: 15 September 2017 / Accepted: 15 September 2017 / Published: 19 September 2017
(This article belongs to the Special Issue Emerging Approaches and Advances in Big Data)
Anomaly detection systems, also known as intrusion detection systems (IDSs), continuously monitor network traffic aiming to identify malicious actions. Extensive research has been conducted to build efficient IDSs emphasizing two essential characteristics. The first is concerned with finding optimal feature selection, while another deals with employing robust classification schemes. However, the advent of big data concepts in anomaly detection domain and the appearance of sophisticated network attacks in the modern era require some fundamental methodological revisions to develop IDSs. Therefore, we first identify two more significant characteristics in addition to the ones mentioned above. These refer to the need for employing specialized big data processing frameworks and utilizing appropriate datasets for validating system’s performance, which is largely overlooked in existing studies. Afterwards, we set out to develop an anomaly detection system that comprehensively follows these four identified characteristics, i.e., the proposed system (i) performs feature ranking and selection using information gain and automated branch-and-bound algorithms respectively; (ii) employs logistic regression and extreme gradient boosting techniques for classification; (iii) introduces bulk synchronous parallel processing to cater computational requirements of high-speed big data networks; and; (iv) uses the Infromation Security Centre of Excellence, of the University of Brunswick real-time contemporary dataset for performance evaluation. We present experimental results that verify the efficacy of the proposed system.
View Full-Text
Keywords:
anomaly detection; network intrusion detection systems; bulk synchronous parallel; machine learning; big data; ISCX-UNB dataset; DARPA; KDD Cup 99
▼
Show Figures
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited
MDPI and ACS Style
Siddique, K.; Akhtar, Z.; Lee, H.-g.; Kim, W.; Kim, Y. Toward Bulk Synchronous Parallel-Based Machine Learning Techniques for Anomaly Detection in High-Speed Big Data Networks. Symmetry 2017, 9, 197. https://doi.org/10.3390/sym9090197
AMA Style
Siddique K, Akhtar Z, Lee H-g, Kim W, Kim Y. Toward Bulk Synchronous Parallel-Based Machine Learning Techniques for Anomaly Detection in High-Speed Big Data Networks. Symmetry. 2017; 9(9):197. https://doi.org/10.3390/sym9090197
Chicago/Turabian StyleSiddique, Kamran; Akhtar, Zahid; Lee, Haeng-gon; Kim, Woongsup; Kim, Yangwoo. 2017. "Toward Bulk Synchronous Parallel-Based Machine Learning Techniques for Anomaly Detection in High-Speed Big Data Networks" Symmetry 9, no. 9: 197. https://doi.org/10.3390/sym9090197
Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.
Search more from Scilit