TY - GEN
T1 - Big data analysis architecture for multi IDS sensors using memory based processor
AU - Saputra, Ferry Astika
AU - Salman, Muhammad
AU - Ramli, Kalamullah
AU - Abdillah, Abid
AU - Syarif, Iwan
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/12/19
Y1 - 2017/12/19
N2 - Massive internet usage has been followed by a rise in cyber-related crime such as information stealing, denial-of-service (DoS) attacks, trojans and malware. To cope with these threats, one of the most popular choices is to use an Intrusion Detection System (IDS). The volume of logs produced by an IDS in a day is huge, and limited computing power is the main problem in processing those log files. In this paper, we propose a big data analysis architecture for multiple IDS sensors using in-memory data processing. Deployed IDS sensors take on an extra role as computation slaves to build a scalable data analysis platform for network security analysis, so adding more sensors means expanding computational resources. Adding up to three sensors makes the computation of the clustering algorithm up to 27% faster compared to computation using only one sensor. This research also introduces the use of a memory-based processor; this system provides 7,9 times faster data processing than conservative MapReduce operation. Moreover, we have also performed botnet classification over Spark RDD, which gives a high accuracy result of up to 99%.
AB - Massive internet usage has been followed by a rise in cyber-related crime such as information stealing, denial-of-service (DoS) attacks, trojans and malware. To cope with these threats, one of the most popular choices is to use an Intrusion Detection System (IDS). The volume of logs produced by an IDS in a day is huge, and limited computing power is the main problem in processing those log files. In this paper, we propose a big data analysis architecture for multiple IDS sensors using in-memory data processing. Deployed IDS sensors take on an extra role as computation slaves to build a scalable data analysis platform for network security analysis, so adding more sensors means expanding computational resources. Adding up to three sensors makes the computation of the clustering algorithm up to 27% faster compared to computation using only one sensor. This research also introduces the use of a memory-based processor; this system provides 7,9 times faster data processing than conservative MapReduce operation. Moreover, we have also performed botnet classification over Spark RDD, which gives a high accuracy result of up to 99%.
KW - Intrusion detection system
KW - Memory-based Processor
KW - big data architecture
KW - network data analysis
UR - http://www.scopus.com/inward/record.url?scp=85046546356&partnerID=8YFLogxK
U2 - 10.1109/KCIC.2017.8228456
DO - 10.1109/KCIC.2017.8228456
M3 - Conference contribution
AN - SCOPUS:85046546356
T3 - Proceedings - International Electronics Symposium on Knowledge Creation and Intelligent Computing, IES-KCIC 2017
SP - 40
EP - 45
BT - Proceedings - International Electronics Symposium on Knowledge Creation and Intelligent Computing, IES-KCIC 2017
A2 - Bagar, Fahim Nur Cahya
A2 - Zainudin, Ahmad
A2 - Al Rasyid, M. Udin Harun
A2 - Briantoro, Hendy
A2 - Akbar, Zulhaydar Fairozal
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 6th International Electronics Symposium on Knowledge Creation and Intelligent Computing, IES-KCIC 2017
Y2 - 26 September 2017 through 27 September 2017
ER -