Intrusion Detection System Based on Decision Tree over Big Data in Fog Environment

Fog computing, as a supplement to cloud computing, can provide low-latency services between mobile users and the cloud. However, fog devices may encounter security challenges because fog nodes are close to the end users and have limited computing ability. Traditional network attacks may destroy the system of fog nodes. An intrusion detection system (IDS) is a proactive security protection technology and can be used in the fog environment. Although IDSs in traditional networks have been well investigated, directly using them in the fog environment may be inappropriate. Fog nodes produce massive amounts of data at all times, and thus enabling an IDS over big data in the fog environment is of paramount importance. In this study, we propose an IDS based on a decision tree. First, we propose a preprocessing algorithm that digitizes the strings in the given dataset and then normalizes the whole data, to ensure the quality of the input data and so improve the efficiency of detection. Second, we use the decision tree method for our IDS and compare it with the Naive Bayesian method as well as the KNN method. Both the 10% dataset and the full dataset are tested. Our proposed method not only completely detects four kinds of attacks but also enables the detection of twenty-two kinds of attacks. The experimental results show that our IDS is effective and precise. Above all, our IDS can be used in a fog computing environment over big data.
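The two stages described above (digitize string fields, normalize, then classify with a decision tree), as an added example that is not the paper's own code. The record fields, the sorted integer coding, min-max normalization and the entropy split criterion are assumptions, since the abstract does not specify them.

```python
import math
from collections import Counter

RECORDS = [  # constructed sample: (duration, protocol, service, src_bytes, label)
    (0, "tcp", "http", 215, "normal"),
    (2, "tcp", "smtp", 1684, "normal"),
    (0, "icmp", "echo", 1032, "dos"),
    (0, "tcp", "private", 0, "probe"),
    (1, "udp", "dns", 44, "normal"),
]

def preprocess(records):
    """Digitize string columns to integer codes, then min-max normalize each column to [0, 1]."""
    rows = [list(r[:-1]) for r in records]
    labels = [r[-1] for r in records]
    for c in range(len(rows[0])):
        if isinstance(rows[0][c], str):  # assumed coding: index in the sorted set of values
            codes = {v: i for i, v in enumerate(sorted({r[c] for r in rows}))}
            for r in rows:
                r[c] = codes[r[c]]
        lo, hi = min(r[c] for r in rows), max(r[c] for r in rows)
        for r in rows:
            r[c] = (r[c] - lo) / (hi - lo) if hi > lo else 0.0
    return rows, labels

def entropy(labels):
    n = len(labels)
    return -sum(k / n * math.log2(k / n) for k in Counter(labels).values())

def build_tree(rows, labels):
    """Greedy binary tree: choose the (column, threshold) with the lowest weighted entropy."""
    best = None
    for c in range(len(rows[0])):
        for t in sorted({r[c] for r in rows})[:-1]:  # dropping the max keeps both sides non-empty
            parts = [[l for r, l in zip(rows, labels) if (r[c] <= t) == side] for side in (True, False)]
            score = sum(len(p) * entropy(p) for p in parts)
            if best is None or score < best[0]:
                best = (score, c, t)
    if len(set(labels)) == 1 or best is None:  # pure node, or identical rows: emit a leaf
        return Counter(labels).most_common(1)[0][0]
    _, c, t = best
    halves = [[(r, l) for r, l in zip(rows, labels) if (r[c] <= t) == side] for side in (True, False)]
    return (c, t) + tuple(build_tree(*zip(*h)) for h in halves)

def classify(tree, row):
    """Walk internal nodes (column, threshold, left, right) down to a leaf label."""
    while isinstance(tree, tuple):
        c, t, left, right = tree
        tree = left if row[c] <= t else right
    return tree
```

In a deployment the code tables and per-column minimum and maximum must be fitted on the training data and reused unchanged for live traffic; otherwise the same raw value maps to different inputs at training and detection time.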
