scholarly journals A Survey on Data-Driven Learning for Intelligent Network Intrusion Detection Systems

Electronics ◽  
2022 ◽  
Vol 11 (2) ◽  
pp. 213
Author(s):  
Ghada Abdelmoumin ◽  
Jessica Whitaker ◽  
Danda B. Rawat ◽  
Abdul Rahman
Keyword(s):  
Intrusion Detection ◽  
Real Time ◽  
Data Augmentation ◽  
Synthetic Data ◽  
Skewed Distribution ◽  
Rapid Review ◽  
Time Data ◽  
Adversarial Learning ◽  
Network Intrusion ◽  
Real Time Data

An effective anomaly-based intelligent IDS (AN-Intel-IDS) must detect both known and unknown attacks. Hence, there is a need to train AN-Intel-IDS using dynamically generated, real-time data in an adversarial setting. Unfortunately, the public datasets available to train AN-Intel-IDS are ineluctably static, unrealistic, and prone to obsolescence. Further, the need to protect private data and conceal sensitive data features has limited data sharing, thus encouraging the use of synthetic data for training predictive and intrusion detection models. However, synthetic data can be unrealistic and potentially bias. On the other hand, real-time data are realistic and current; however, it is inherently imbalanced due to the uneven distribution of anomalous and non-anomalous examples. In general, non-anomalous or normal examples are more frequent than anomalous or attack examples, thus leading to skewed distribution. While imbalanced data are commonly predominant in intrusion detection applications, it can lead to inaccurate predictions and degraded performance. Furthermore, the lack of real-time data produces potentially biased models that are less effective in predicting unknown attacks. Therefore, training AN-Intel-IDS using imbalanced and adversarial learning is instrumental to their efficacy and high performance. This paper investigates imbalanced learning and adversarial learning for training AN-Intel-IDS using a qualitative study. It surveys and synthesizes generative-based data augmentation techniques for addressing the uneven data distribution and generative-based adversarial techniques for generating synthetic yet realistic data in an adversarial setting using rapid review, structured reporting, and subgroup analysis.

Big Data Management in the Context of Real-Time Data Warehousing

2013 ◽  
pp. 150-176
Author(s):  
M. Asif Naeem ◽  
Gillian Dobbie ◽  
Gerald Weber
Keyword(s):  
Big Data ◽  
Data Integration ◽  
Real Time ◽  
Real Life ◽  
Skewed Distribution ◽  
Stream Data ◽  
Time Data ◽  
Master Data ◽  
Real Time Data ◽  
Resource Aware

In order to make timely and effective decisions, businesses need the latest information from big data warehouse repositories. To keep these repositories up to date, real-time data integration is required. An important phase in real-time data integration is data transformation where a stream of updates, which is huge in volume and infinite, is joined with large disk-based master data. Stream processing is an important concept in Big Data, since large volumes of data are often best processed immediately. A well-known algorithm called Mesh Join (MESHJOIN) was proposed to process stream data with disk-based master data, which uses limited memory. MESHJOIN is a candidate for a resource-aware system setup. The problem that the authors consider in this chapter is that MESHJOIN is not very selective. In particular, the performance of the algorithm is always inversely proportional to the size of the master data table. As a consequence, the resource consumption is in some scenarios suboptimal. They present an algorithm called Cache Join (CACHEJOIN), which performs asymptotically at least as well as MESHJOIN but performs better in realistic scenarios, particularly if parts of the master data are used with different frequencies. In order to quantify the performance differences, the authors compare both algorithms with a synthetic dataset of a known skewed distribution as well as TPC-H and real-life datasets.

scholarly journals An Innovative Method to Extract Data in a Real-time Data Warehousing Environment

2021 ◽  
Author(s):  
Flavio de Assis Vilela ◽  
Ricardo Rodrigues Ciferri
Keyword(s):  
Real Time ◽  
Data Warehousing ◽  
Data Extraction ◽  
Synthetic Data ◽  
Knowledge Discovery In Databases ◽  
Data Repository ◽  
Time Data ◽  
Innovative Method ◽  
Real Time Data ◽  
Time Requirements

ETL (Extract, Transform, and Load) is an essential process required to perform data extraction in knowledge discovery in databases and in data warehousing environments. The ETL process aims to gather data that is available from operational sources, process and store them into an integrated data repository. Also, the ETL process can be performed in a real-time data warehousing environment and store data into a data warehouse. This paper presents a new and innovative method named Data Extraction Magnet (DEM) to perform the extraction phase of ETL process in a real-time data warehousing environment based on non-intrusive, tag and parallelism concepts. DEM has been validated on a dairy farming domain using synthetic data. The results showed a great performance gain in comparison to the traditional trigger technique and the attendance of real-time requirements.

scholarly journals HYBRIDJOIN for Near-Real-Time Data Warehousing

2011 ◽  
Vol 7 (4) ◽  
pp. 21-42 ◽  
Author(s):  
M. Asif Naeem ◽  
Gillian Dobbie ◽  
Gerald Weber
Keyword(s):  
Real Time ◽  
Data Stream ◽  
Time Integration ◽  
Synthetic Data ◽  
Performance Measurements ◽  
Time Data ◽  
Join Algorithm ◽  
Real Time Data ◽  
Set Up ◽  
Nested Loop

An important component of near-real-time data warehouses is the near-real-time integration layer. One important element in near-real-time data integration is the join of a continuous input data stream with a disk-based relation. For high-throughput streams, stream-based algorithms, such as Mesh Join (MESHJOIN), can be used. However, in MESHJOIN the performance of the algorithm is inversely proportional to the size of disk-based relation. The Index Nested Loop Join (INLJ) can be set up so that it processes stream input, and can deal with intermittences in the update stream but it has low throughput. This paper introduces a robust stream-based join algorithm called Hybrid Join (HYBRIDJOIN), which combines the two approaches. A theoretical result shows that HYBRIDJOIN is asymptotically as fast as the fastest of both algorithms. The authors present performance measurements of the implementation. In experiments using synthetic data based on a Zipfian distribution, HYBRIDJOIN performs significantly better for typical parameters of the Zipfian distribution, and in general performs in accordance with the theoretical model while the other two algorithms are unacceptably slow under different settings.

scholarly journals HYBRIDJOIN for Near-Real-Time Data Warehousing

2013 ◽  
pp. 280-302
Author(s):  
M. Asif Naeem ◽  
Gillian Dobbie ◽  
Gerald Weber
Keyword(s):  
Real Time ◽  
Input Data ◽  
Time Integration ◽  
Synthetic Data ◽  
Performance Measurements ◽  
Time Data ◽  
Join Algorithm ◽  
Real Time Data ◽  
Set Up ◽  
Nested Loop

An important component of near-real-time data warehouses is the near-real-time integration layer. One important element in near-real-time data integration is the join of a continuous input data stream with a disk-based relation. For high-throughput streams, stream-based algorithms, such as Mesh Join (MESHJOIN), can be used. However, in MESHJOIN the performance of the algorithm is inversely proportional to the size of disk-based relation. The Index Nested Loop Join (INLJ) can be set up so that it processes stream input, and can deal with intermittences in the update stream but it has low throughput. This paper introduces a robust stream-based join algorithm called Hybrid Join (HYBRIDJOIN), which combines the two approaches. A theoretical result shows that HYBRIDJOIN is asymptotically as fast as the fastest of both algorithms. The authors present performance measurements of the implementation. In experiments using synthetic data based on a Zipfian distribution, HYBRIDJOIN performs significantly better for typical parameters of the Zipfian distribution, and in general performs in accordance with the theoretical model while the other two algorithms are unacceptably slow under different settings.

scholarly journals Real Time Call Monitoring System Using Spark Streaming and Network Intrusion Detection Using Distributed WekaSpark

2017 ◽  
Vol 2 (1) ◽  
pp. 7-13
Author(s):  
Darshan V S ◽  
Ria Raphael
Keyword(s):  
Intrusion Detection ◽  
Real Time ◽  
Time Data ◽  
Real Time Processing ◽  
Network Failure ◽  
Network Intrusion ◽  
Call Usage ◽  
Call Monitoring ◽  
Made In

With the increase of calls in industries it is very difficult to identify the calls made in a huge organization. The study and developing analytics out of the call history generated in terms of real time or the information stored helps in the improvement of the quality of calls in terms of network failure analysis, analysing call usage pattern from minimal to maximum to increase server efficiency, analyse user level pattern. The capability to process, analyse and evaluate real time data in a system is a challenging task, the test of building up an adaptable, shortcoming tolerant and flexible observing framework that Can deal with information continuously and at a huge scale is nontrivial. We exhibit a novel framework for real time processing and batch processing by using spark streaming and spark, also an ensemble model is used with distributed weka-spark for intrusion detection.

399-P: Nurse-Driven Intervention Using Real-Time Data to Improve Hypoglycemia Rates in a Respiratory Care Unit

Diabetes ◽  
2020 ◽  
Vol 69 (Supplement 1) ◽  
pp. 399-P
Author(s):  
ANN MARIE HASSE ◽  
RIFKA SCHULMAN ◽  
TORI CALDER
Keyword(s):  
Real Time ◽  
Respiratory Care ◽  
Time Data ◽  
Real Time Data
Sign in / Sign up

Export Citation Format

Share Document