Real‐time anomaly detection using parallelized intrusion detection architecture for streaming data

2018 ◽  
Vol 32 (4) ◽  
Author(s):  
Chellammal P ◽  
Sheba Kezia Malarchelvi P D
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Real Time ◽  
Streaming Data

scholarly journals Unsupervised real-time anomaly detection for streaming data

2017 ◽  
Vol 262 ◽  
pp. 134-147 ◽  
Author(s):  
Subutai Ahmad ◽  
Alexander Lavin ◽  
Scott Purdy ◽  
Zuha Agha
Keyword(s):  
Anomaly Detection ◽  
Real Time ◽  
Streaming Data

scholarly journals Anomaly Intrusion Detection System in Real Time Environment using Ensemble Learning Model

2019 ◽  
Vol 8 (4) ◽  
pp. 4908-4917
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Real Time ◽  
Network Traffic ◽  
Intrusion Detection System ◽  
Detection System ◽  
False Negative ◽  
Ensemble Classification ◽  
Data Set ◽  
Rule Set

System security is of essential part now days for huge organizations. The Intrusion Detection System (IDS) are getting to be irreplaceable for successful assurance against intrusions that are continually changing in size and intricacy. With information honesty, privacy and accessibility, they must be solid, simple to oversee and with low upkeep cost. Different adjustments are being connected to IDS consistently to recognize new intrusions and handle them. This paper proposes model based on combination of ensemble classification for network traffic anomaly detection. Intrusion detection system is try to perform in real time, but they cannot improved due to the network connections. This research paper is trying to implement intrusion detection system (IDS) using ensemble method for misuse as well anomaly detection for HIDS and NIDS based also. This system used various individual classification methods and its ensemble model on KDD99 and NSL-KDD data set to check the performance of model. It also check the performance on creating real time network traffic using own attack creator and send this to the remote machine which has our proposed IDS system. This system used training rule set as a background knowledge which are generated by genetic algorithm. Ensemble approach contains three algorithms as Naive Bayes, Artificial Neural Network and J48. Ensemble classifiers apply on network packets mapping with GA rule set and generate the result. Finally our proposed model produces highest detection rate and lower false negative ratio compare to others. Also find the accuracy of each attack types.

scholarly journals Performance Comparison of Anomaly Detection Algorithms for Streaming Data

2020 ◽  
Author(s):  
Zirije Hasani ◽  
Jakup Fondaj
Keyword(s):  
Anomaly Detection ◽  
Real Time ◽  
Time Series Data ◽  
Scale Up ◽  
Detection Algorithm ◽  
Streaming Data ◽  
Series Data ◽  
Process Data ◽  
Significant Information ◽  
Detection Algorithms

Abstract Most of the today's world data are streaming, time-series data, where anomalies detection gives significant information of possible critical situations. Yet, detecting anomalies in big streaming data is a difficult task, requiring detectors to acquire and process data in a real-time, as they occur, even before they are stored and instantly alarm on potential threats. Suitable to the need for real-time alarm and unsupervised procedures for massive streaming data anomaly detection, algorithms have to be robust, with low processing time, eventually at the cost of the accuracy. In this work we compare the performance of our proposed anomaly detection algorithm HW-GA[1] with other existing methods as ARIMA [10], Moving Average [11] and Holt Winters [12]. The algorithms are tested and results are visualized in the system R, on the three Numenta datasets, with known anomalies and own e-dnevnik dataset with unknown anomalies. Evaluation is done by comparing achieved results (the algorithm execution time and CPU usage). Our interest is monitoring of the streaming log data that are generating in the national educational network (e-dnevnik) that acquires a massive number of online queries and to detect anomalies in order to scale up performance, prevent network downs, alarm on possible attacks and similar.

scholarly journals On the proper choice of datasets and traffic features for real-time anomaly detection

2021 ◽  
Vol 2091 (1) ◽  
pp. 012001
Author(s):  
C Callegari ◽  
S Giordano ◽  
M Pagano
Keyword(s):  
Intrusion Detection ◽  
Anomaly Detection ◽  
Real Time ◽  
Detection System ◽  
Detection Algorithm ◽  
Performance Comparison ◽  
Critical Element ◽  
Correct Identification ◽  
Data Set ◽  
On Line

Abstract Thanks to its ability to face unknown attacks, Anomaly-based Intrusion Detection is a key research topic in network security and different statistical methods, fed by suitable traffic features, have been proposed in the literature. The choice of a proper dataset is a critical element not only for performance comparison, but also for the correct identification of the normal traffic behaviour. In this paper we address the general problem of selecting traffic features from recent real traffic traces (MAWI data set) and verify how the real-time constraint impacts on the general performance. Although a state-of-the-art IDS (Intrusion Detection System) based on deep neural networks is considered, our conclusions can be extended to any anomaly detection algorithm and advocate for a fair comparison of IDSs using representative datasets and traffic features that can be extracted on-line (and do not depend on the entire dataset).

Sign in / Sign up

Export Citation Format

Share Document