{"title":"An Efficient Network Intrusion Detection System for Distributed Networks using Machine Learning Technique","authors":"Parveen Akhther. A, A. Maryposonia, P. S.","doi":"10.1109/ICOEI56765.2023.10126055","DOIUrl":null,"url":null,"abstract":"The task to ensure security in a network that is distributed over several nodes is a significant and challenging one. Since the primary objective of a DDoS attack is to prevent authorized nodes from gaining access to the service, this type of attack presents a significant threat to distributed networks. It is highly important that a modular and dependable NIDS must be created for handling DOS attacks in the distributed environment effectively, and in turn, all the nodes are available in the distributed network.The high need for modular techniques required in the detection phase for collecting, storing and analyzing the big data from the nodes in the distributed network poses significant hurdles in finding out the Distributed DOS attack.This research proposes a Big Data-based Distributed Denial of Service Network Intrusion Detection System to address these issues. Important features of the proposed intrusion detection system include a module for detecting network traffic and another for collecting data on that traffic. In this study, micro-batch data processing is employed for traffic feature gathering in the Network collection module and Random Forest (RF) algorithm-based classification technique is used in the traffic detection module for feature selection. For Storing a large number of wary attacks, Hadoop File System (HDFS) is used, and for accelerating the speed of data processing, S park is used as a suggested solution.The method was assessed using the NSL-KDD benchmark dataset to find the accuracy and many other parameters. 
Experimental results for Accuracy, Recall, F1-Measure and Precision, from the proposed work are compared to those from the machine learning techniques, DT(Decision Tree), PCA RF(Principal Component Analysis Random Forest), NB(Naive Bayes), SVM(Support Vector Machine), and LR (Logistic Regression). According to the experimental findings, the suggested detection algorithm achieved an Accuracy of 99.89%, respectively.","PeriodicalId":168942,"journal":{"name":"2023 7th International Conference on Trends in Electronics and Informatics (ICOEI)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 7th International Conference on Trends in Electronics and Informatics (ICOEI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICOEI56765.2023.10126055","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 1
Abstract
Ensuring security in a network that is distributed over several nodes is a significant and challenging task. Since the primary objective of a DDoS attack is to prevent authorized nodes from gaining access to the service, this type of attack presents a significant threat to distributed networks. It is therefore important to create a modular and dependable NIDS that handles DoS attacks in the distributed environment effectively, so that all the nodes in the distributed network remain available. The need for modular techniques in the detection phase for collecting, storing and analyzing the big data from the nodes in the distributed network poses significant hurdles to detecting a distributed DoS attack. This research proposes a Big Data-based Distributed Denial of Service Network Intrusion Detection System to address these issues. Important features of the proposed intrusion detection system include a module for detecting network traffic and another for collecting data on that traffic. In this study, micro-batch data processing is employed for traffic feature gathering in the network collection module, and a Random Forest (RF) algorithm-based classification technique is used in the traffic detection module for feature selection. For storing a large number of wary attacks, Hadoop File System (HDFS) is used, and for accelerating the speed of data processing, Spark is used as a suggested solution. The method was assessed using the NSL-KDD benchmark dataset to measure its accuracy and many other parameters. Experimental results for Accuracy, Recall, F1-Measure and Precision from the proposed work are compared to those from the machine learning techniques DT (Decision Tree), PCA RF (Principal Component Analysis Random Forest), NB (Naive Bayes), SVM (Support Vector Machine), and LR (Logistic Regression). According to the experimental findings, the suggested detection algorithm achieved an Accuracy of 99.89%.