Detection of Distributed Cyber Attacks Based on Weighted Ensembles of Classifiers and Big Data Processing Architecture

Distributed cyber attacks are a class of attacks on computer networks and systems that is rather difficult to detect. The difficulty stems largely from the complexity of the detection task, which requires data analysis procedures to be applied jointly with Big Data processing technologies. For this reason the development of new methods for detecting distributed cyber attacks is of great interest to cyber security specialists. The paper proposes a new approach to detecting such attacks, based on combining weighted ensembles of different classifiers (decision trees, logistic regression, support vector machines) with a Big Data processing architecture. Three types of weighted ensembles integrating these base classifiers (weighted voting, soft voting and AdaBoost) are compared. Experiments on the CICIDS2017 data set showed rather high attack detection effectiveness at an acceptable cost in system and time resources. The approach can also be applied to related information assurance tasks, such as the detection and counteraction of inappropriate, dubious and harmful information.
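The abstract names three ways of combining the base classifiers but does not show them. As an added example (not code from the paper or its authors), the following pure-Python block implements all three combiners: hard weighted voting, soft voting over class-probability vectors, and a minimal AdaBoost over decision stumps. The per-classifier outputs, the validation labels and the flow features (packets per second, mean packet size) are constructed here for illustration; the paper's CICIDS2017 feature set and its trained decision-tree, logistic-regression and SVM models are not reproduced.

```python
"""Added example: weighted voting, soft voting and AdaBoost combiners.
Pure Python, no scikit-learn; all inputs below are constructed, not from CICIDS2017."""
import math


# ---- Weighted (hard) voting and soft voting -------------------------------

def weighted_vote(predictions, weights):
    """Hard vote: each classifier adds its weight to the label it predicted.
    Ties resolve deterministically by label order."""
    tally = {}
    for label, w in zip(predictions, weights):
        tally[label] = tally.get(label, 0.0) + w
    return max(sorted(tally), key=tally.__getitem__)


def soft_vote(probas, weights):
    """Soft vote: weighted average of each classifier's class-probability dict,
    then argmax. A confident minority can outweigh an unsure majority."""
    total = sum(weights)
    score = {}
    for dist, w in zip(probas, weights):
        for label, p in dist.items():
            score[label] = score.get(label, 0.0) + w * p / total
    return max(sorted(score), key=score.__getitem__)


def accuracy_weights(val_predictions, val_truth):
    """One weight per classifier: its accuracy on a held-out validation split
    (one common way to set the weights of a weighted ensemble)."""
    return [sum(p == t for p, t in zip(preds, val_truth)) / len(val_truth)
            for preds in val_predictions]


# ---- AdaBoost over decision stumps, labels in {-1, +1} --------------------

def stump_predict(stump, x):
    j, t, s = stump                      # feature index, threshold, polarity
    return s if x[j] > t else -s


def best_stump(X, y, w):
    """Exhaustive search over (feature, midpoint threshold, polarity)
    for the stump with minimal weighted training error."""
    best, best_err = None, float("inf")
    for j in range(len(X[0])):
        vals = sorted(set(row[j] for row in X))
        for lo, hi in zip(vals, vals[1:]):
            t = (lo + hi) / 2
            for s in (+1, -1):
                err = sum(wi for xi, yi, wi in zip(X, y, w)
                          if stump_predict((j, t, s), xi) != yi)
                if err < best_err:
                    best, best_err = (j, t, s), err
    return best, best_err


def adaboost(X, y, rounds):
    """Returns [(alpha, stump), ...]; each round re-weights the samples the
    previous stumps got wrong, so later stumps focus on the hard flows."""
    n = len(X)
    w = [1.0 / n] * n
    model = []
    for _ in range(rounds):
        stump, err = best_stump(X, y, w)
        err = max(err, 1e-12)            # a perfect stump would give log(0)
        alpha = 0.5 * math.log((1 - err) / err)
        model.append((alpha, stump))
        w = [wi * math.exp(-alpha * yi * stump_predict(stump, xi))
             for xi, yi, wi in zip(X, y, w)]
        z = sum(w)
        w = [wi / z for wi in w]
        if err <= 1e-12:
            break
    return model


def adaboost_predict(model, x):
    return 1 if sum(a * stump_predict(st, x) for a, st in model) > 0 else -1


# Constructed flow features: (packets per second, mean packet size in bytes).
# +1 = attack, -1 = benign. Row 4 (a bulk download) and row 10 (a flood of
# full-size packets) make neither feature separable on its own.
FLOWS = [(5, 900), (12, 600), (8, 1200), (20, 800), (800, 1400),
         (900, 60), (1500, 40), (700, 90), (1100, 55), (30, 50), (2000, 1400)]
LABELS = [-1, -1, -1, -1, -1, +1, +1, +1, +1, +1, +1]


def training_errors(model, X=FLOWS, y=LABELS):
    return sum(adaboost_predict(model, x) != t for x, t in zip(X, y))


if __name__ == "__main__":
    m = adaboost(FLOWS, LABELS, rounds=3)
    for alpha, (j, t, s) in m:
        print(f"alpha={alpha:.3f} feature={j} threshold={t} polarity={s:+d}")
    print("training errors:", training_errors(m))
```

With equal weights the three constructed probability vectors give a soft vote of "DoS" even though two of the three classifiers would hard-vote "BENIGN", which is the practical difference between the two voting schemes. On the constructed flows no single stump separates attack from benign traffic, but three boosting rounds (a rate threshold, a packet-size threshold, then a higher rate threshold) reach zero training error; in a real deployment the weights or the boosted model must be fitted on a split disjoint from the one used to report detection rates.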
