Title :
B-dids: Mining anomalies in a Big-distributed Intrusion Detection System
Author :
Janeja, Vandana P. ; Azari, A. ; Namayanja, Josephine M. ; Heilig, Brian
Abstract :
This paper presents the architecture of a Big-distributed Intrusion Detection System (B-dIDS) for discovering multi-pronged attacks, that is, anomalies that span multiple subnets of a distributed network. B-dIDS has two key components: a big data processing engine and an analytics engine. Big data processing is done with HAMR, a next-generation in-memory MapReduce engine that has reported large speedups over existing big data solutions across several analytics algorithms. The analytics engine is a novel ensemble algorithm that extracts its training data from clusters of the alarms raised by the multiple IDSs. Clustering serves as a preprocessing step that re-labels the datasets according to their high similarity to known potential attacks. The overall aim is to predict multi-pronged attacks that are spread across multiple subnets and would be missed if the subnets were not evaluated in an integrated manner.
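The abstract's pipeline (collect alarms from several subnet IDSs, cluster them, re-label clusters by similarity to known attack profiles, flag attacks that only become visible across subnets) can be shown on a toy scale. The block below is an added illustration written for this record; it is not the authors' code, not HAMR, and not their ensemble. It assumes a simple stand-in for each step: clusters are alarms from one source IP within a time window, similarity is Jaccard overlap between a cluster's signature set and hand-written attack profiles, and the threshold of 0.6 is arbitrary. The alarms, subnets and profile names are constructed for the example.

```python
"""Toy cross-subnet alarm correlation (illustration, not the paper's method)."""
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Alarm:
    ts: int    # seconds since an arbitrary epoch
    src: str   # attacker-side address as seen by the subnet IDS
    dst: str   # victim address, used to determine the subnet
    sig: str   # IDS signature name


# Constructed sample topology and attack profiles (assumptions, not from the paper).
SUBNETS = {
    "eng": ip_network("10.1.0.0/24"),
    "fin": ip_network("10.2.0.0/24"),
    "dmz": ip_network("10.3.0.0/24"),
}
KNOWN_ATTACKS = {
    "recon-lateral-c2": {"PORT_SCAN", "SMB_BRUTE", "C2_BEACON", "DATA_EXFIL"},
}

# Constructed alarms: one attacker touches three subnets in two minutes,
# plus unrelated noise and a later, unrelated alarm from the same attacker.
SAMPLE_ALARMS = [
    Alarm(0,    "203.0.113.7",  "10.1.0.5", "PORT_SCAN"),
    Alarm(45,   "203.0.113.7",  "10.2.0.9", "SMB_BRUTE"),
    Alarm(120,  "203.0.113.7",  "10.3.0.4", "C2_BEACON"),
    Alarm(5000, "198.51.100.3", "10.1.0.8", "PORT_SCAN"),
    Alarm(9000, "203.0.113.7",  "10.1.0.5", "SSH_BRUTE"),
]


def subnet_of(ip):
    """Name of the monitored subnet containing ip, or 'external'."""
    addr = ip_address(ip)
    for name, net in SUBNETS.items():
        if addr in net:
            return name
    return "external"


def cluster_alarms(alarms, window=600):
    """Group alarms by source IP; start a new cluster when the gap exceeds window seconds."""
    by_src = defaultdict(list)
    for a in sorted(alarms, key=lambda a: a.ts):
        by_src[a.src].append(a)
    clusters = []
    for seq in by_src.values():
        current = [seq[0]]
        for a in seq[1:]:
            if a.ts - current[-1].ts > window:
                clusters.append(current)
                current = [a]
            else:
                current.append(a)
        clusters.append(current)
    return clusters


def jaccard(a, b):
    return len(a & b) / len(a | b) if (a | b) else 0.0


def relabel(cluster, threshold=0.6):
    """Re-label a cluster with the best-matching known attack, or 'unknown' below threshold."""
    sigs = {a.sig for a in cluster}
    best_name, best_score = "unknown", 0.0
    for name, profile in KNOWN_ATTACKS.items():
        score = jaccard(sigs, profile)
        if score > best_score:
            best_name, best_score = name, score
    return (best_name if best_score >= threshold else "unknown"), best_score


def multi_pronged(alarms, window=600, threshold=0.6):
    """(src, label, subnets) for labelled clusters whose victims lie in two or more subnets."""
    hits = []
    for c in cluster_alarms(alarms, window):
        subnets = sorted({subnet_of(a.dst) for a in c})
        label, _ = relabel(c, threshold)
        if len(subnets) >= 2 and label != "unknown":
            hits.append((c[0].src, label, tuple(subnets)))
    return hits


def per_subnet_labels(alarms, window=600, threshold=0.6):
    """What each subnet IDS concludes alone, seeing only the alarms for its own hosts."""
    out = {}
    for name in SUBNETS:
        local = [a for a in alarms if subnet_of(a.dst) == name]
        out[name] = [relabel(c, threshold)[0] for c in cluster_alarms(local, window)]
    return out


if __name__ == "__main__":
    print("per-subnet view:", per_subnet_labels(SAMPLE_ALARMS))
    print("integrated view:", multi_pronged(SAMPLE_ALARMS))
```

Run on the sample, every subnet in isolation labels its alarms "unknown" (each sees one signature out of a four-signature profile), while the integrated view clusters the three prongs from 203.0.113.7 and labels them. The later SSH_BRUTE alarm falls outside the window and stays a separate, unlabelled cluster, which is the kind of boundary a real deployment would tune.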
Keywords :
Big Data; data mining; security of data; B-dIDS; HAMR; MapReduce engine; analytics engine; big data processing engine; big-distributed intrusion detection system; multiple IDS alarms; multi-pronged attacks; Data mining; Engines; Intrusion detection; Organizations; Training; Ensemble learning; distributed Intrusion Detection System
Conference_Title :
Big Data (Big Data), 2014 IEEE International Conference on
Conference_Location :
Washington, DC
DOI :
10.1109/BigData.2014.7004484