Symmetry 2017, 9(9), 197; https://doi.org/10.3390/sym9090197
Toward Bulk Synchronous Parallel-Based Machine Learning Techniques for Anomaly Detection in High-Speed Big Data Networks
1
Department of Information and Communication Engineering, Dongguk University, Seoul 04620, Korea
2
INRS-EMT, University of Quebec, Montreal, QC H5A 1K6, Canada
3
Korea Institute of Science and Technology Information, Daejeon 34141, Korea
*
Author to whom correspondence should be addressed.
Received: 28 August 2017 / Revised: 15 September 2017 / Accepted: 15 September 2017 / Published: 19 September 2017
(This article belongs to the Special Issue Emerging Approaches and Advances in Big Data)
Abstract
Anomaly detection systems, also known as intrusion detection systems (IDSs), continuously monitor network traffic aiming to identify malicious actions. Extensive research has been conducted to build efficient IDSs emphasizing two essential characteristics. The first is concerned with finding optimal feature selection, while another deals with employing robust classification schemes. However, the advent of big data concepts in anomaly detection domain and the appearance of sophisticated network attacks in the modern era require some fundamental methodological revisions to develop IDSs. Therefore, we first identify two more significant characteristics in addition to the ones mentioned above. These refer to the need for employing specialized big data processing frameworks and utilizing appropriate datasets for validating system’s performance, which is largely overlooked in existing studies. Afterwards, we set out to develop an anomaly detection system that comprehensively follows these four identified characteristics, i.e., the proposed system (i) performs feature ranking and selection using information gain and automated branch-and-bound algorithms respectively; (ii) employs logistic regression and extreme gradient boosting techniques for classification; (iii) introduces bulk synchronous parallel processing to cater computational requirements of high-speed big data networks; and; (iv) uses the Infromation Security Centre of Excellence, of the University of Brunswick real-time contemporary dataset for performance evaluation. We present experimental results that verify the efficacy of the proposed system. View Full-TextKeywords:
anomaly detection; network intrusion detection systems; bulk synchronous parallel; machine learning; big data; ISCX-UNB dataset; DARPA; KDD Cup 99
▼
Figures
Figure 1
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).
Share & Cite This Article
MDPI and ACS Style
Siddique, K.; Akhtar, Z.; Lee, H.-G.; Kim, W.; Kim, Y. Toward Bulk Synchronous Parallel-Based Machine Learning Techniques for Anomaly Detection in High-Speed Big Data Networks. Symmetry 2017, 9, 197.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.
Related Articles
Article Metrics
Comments
[Return to top]
Symmetry
EISSN 2073-8994
Published by MDPI AG, Basel, Switzerland
RSS
E-Mail Table of Contents Alert