A New Method for Detecting Intrusion and Malicious Behaviors in Big Data
Subject areas: Electrical and Computer Engineering
Homa Movahednejad 1, Mohsen Pourshaban 2, Ehsan Yazdani Chamzini 3, Elaheh Hemmati Ashni 4, Mehdi Sharifi 5
1 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
2 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
3 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
4 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
5 - Faculty of Computer Engineering, Najafabad Branch, Islamic Azad University, Najafabad, Iran
Keywords: intrusion detection, malicious behaviors, support vector machine algorithm, big data, bacterial foraging algorithm
Abstract:
Today, maintaining information security and detecting intrusions are very important for dealing with malicious behaviors in massive data. This article presents a hybrid software-hardware method for detecting malicious data, in which three factors are taken into account: time progress, user history, and scalability. The proposed method uses storage and feature extraction techniques to increase speed and reduce the amount of computation. A modified support vector machine algorithm is used for classification, and a parallelized bacterial foraging optimization algorithm is used for feature extraction. The results show that the proposed algorithm outperforms other similar methods in terms of detection rate by 21%, false positive rate by 62%, accuracy by 15%, and execution time by 70%. The reduction in execution time indicates that less energy is needed to run the algorithm, which saves energy and can also be beneficial for use in green energy systems.