A new Approach to Detecting Intrusion and Malicious Behaviors in Big Data
Subject Areas: Electrical and Computer Engineering
Homa Movahednejad 1, Mohsen Porshaban 2, Ehsan Yazdani Chamzini 3, Elahe Hemati Ashani 4, Mahdi Sharifi 5
1 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
2 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
3 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
4 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
5 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
Keywords: Intrusion detection, Malicious behavior, Support vector machine algorithm, Big data, Bacterial foraging optimization algorithm
Abstract:
Today, maintaining information security and detecting intrusions are very important for dealing with malicious behaviors in massive data. This article presents a hybrid method for detecting malicious data that takes three factors into account: time progress, user history, and scalability. The proposed method uses storage and feature extraction techniques to increase speed and reduce the amount of computation. In addition, the support vector machine algorithm is modified for classification, and a parallelized bacterial foraging optimization algorithm is used for feature extraction. The results show that the proposed algorithm outperforms existing methods in terms of detection rate by 21%, false positive rate by 62%, accuracy by 15% and execution time by 70%. The reduction in execution time indicates that less energy is needed to run the algorithm, which saves energy and can be beneficial for use in green energy systems.