In an enormous stream of network traffic, there is no straightforward way to identify which packets are benign and which are anomalous. Hence, we intend to develop a new network intrusion detection model using Apache Spark to improve performance and to detect intrusions while handling the colossal stream of network traffic in an IDS. The model can detect known intrusions effectively using real-time analytics and, compared with a traditional IDS, can also identify unknown data schemas. The model addresses the following capabilities: Deep Packet Inspection (DPI), which inspects the network traffic and examines the properties that describe the intrusion characteristics. Combining vulnerability assessment with human intervention, using the C4.5 decision tree algorithm, optimizes pattern matching to boost the detection rate. The clustered hosts are grouped based on their number of visits in a unique IP. The intrusion classifiers are developed by investigating each IP group, which reflects different properties used for prediction. The prediction model is built over the Amrita Big Data Apache Spark framework as a sequence of workflows. The above workflow is implemented in the Amrita Big Data Framework (ABDF) to improve detection time and performance. The model output provides effective results in detecting DoS attacks and port scanning attacks.

©2006-2017 Asian Research Publishing Network (ARPN). All rights reserved.
K. U. Abinesh Kamal and Shiju Sathyadevan, “Intrusion detection system using big data framework”, ARPN Journal of Engineering and Applied Sciences, vol. 12, pp. 3909-3913, 2017.