Real-time Support Vector Machine based Network Intrusion Detection system using Apache Storm

Network intrusion detection is a critical component of network management for security, quality of service and other purposes. These systems allow early detection of network intrusions and malicious activities; based on this detection, appropriate actions can be taken to manage these attacks. Several network intrusion detection systems have been proposed and evaluated, and many of them are currently in use to provide better security. Computer networks now generate a high volume of data traffic, which most network intrusion detection systems cannot analyze. This situation requires new techniques that can handle a huge volume of real-time data traffic while maintaining high throughput. In this work, we propose a network intrusion detection system based on a support vector machine. We also propose to use the Apache Storm framework, which is a real-time distributed stream processing framework. This network intrusion detection system is tested on the KDD 99 network intrusion dataset.
