Information
Apache Spark and MLlib-Based Intrusion Detection System or How the Big Data Technologies Can Secure the Data
Otmane Azeroual [1], Anastasija Nikiforova [2]
[1] German Centre for Higher Education Research and Science Studies (DZHW), 10117 Berlin, Germany; [2] “Innovative Information Technologies” Laboratory, Programming Department, Faculty of Computing, University of Latvia, Raina Boulevard 19, LV-1050 Riga, Latvia
Keywords: big data; machine learning; k-means; clustering; data anomaly; security
DOI: 10.3390/info13020058
Source: DOAJ
【 Abstract 】
Since the turn of the millennium, the volume of data has increased significantly in both industries and scientific institutions. The processing of these volumes and variety of data we are dealing with are unlikely to be accomplished with conventional software solutions. Thus, new technologies belonging to the big data processing area, able to distribute and process data in a scalable way, are integrated into classical Business Intelligence (BI) systems or replace them. Furthermore, we can benefit from big data technologies to gain knowledge about security, which can be obtained from massive databases. The paper presents a security-relevant data analysis based on the big data analytics engine Apache Spark. A prototype intrusion detection system is developed aimed at detecting data anomalies through machine learning by using the k-means algorithm for clustering analysis implemented in Spark's MLlib. The extraction of features to detect anomalies is currently challenging because the problem of detecting anomalies is not actively and exhaustively monitored. The detection of abnormal data can be effectuated by using relevant data that are already in companies’ and scientific organizations’ possession. Their interpretation and further processing in a continuous manner can sufficiently contribute to anomaly and intrusion detection.
【 License 】
Unknown