Neelam Patidar,Sally Zreiqat,Sirisha Mahesh,Jongwook Woo

2024-06-14

Abstract:In the landscape of the Internet of Things (IoT), transforming various industries, our research addresses the growing connectivity and security challenges, including interoperability and standardized protocols. Despite the anticipated exponential growth in IoT connections, network security remains a major concern due to inadequate datasets that fail to fully encompass potential cyberattacks in realistic IoT environments. Using Apache Hadoop and Hive, our in-depth analysis of security vulnerabilities identified intricate patterns and threats, such as attack behavior, network traffic anomalies, TCP flag usage, and targeted attacks, underscoring the critical need for robust data platforms to enhance IoT security.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Bijender Bansal,V. Nisha Jenipher,Rituraj Jain,R. Dilip,Makhan Kumbhkar,Sabyasachi Pramanik,Sandip Roy,Ankur Gupta

DOI: https://doi.org/10.1002/9781119812555.ch11

2022-03-27

Abstract:Research is considering security of big data and retaining the performance during its transmission over network. It has been observed that there have been several researches that have considered the concept of big data. Moreover, a lot of those researches also provided security against data but failed to retain the performance. Use of several encryption mechanisms such as RSA [43] and AES [44] has been used in previous researches. But, if these encryption mechanisms are applied, then the performance of network system gets degraded. In order to resolve those issues, the proposed work is making using of compression mechanism to reduce the size before implementing encryption. Moreover, data is spitted in order to make the transmission more reliable. After splitting the data contents data has been transferred from multiple route. If some hackers opt to capture that data in unauthentic manner, then they would be unable to get complete and meaning full information. Thus, the proposed model has improved the security of big data in network environment by integration of compression and splitting mechanism with big data encryption. Moreover, the use of user‐defined port and use of multiple paths during transmission of big data in split manner increases the reliability and security of big data over network environment.

Dr.D.S. John Deva Prasanna,Dr.K. Punitha,Dr.M. Naga Raju,Dr.F. Rahman,Kamlesh Kumar Yadav

DOI: https://doi.org/10.58346/jisis.2024.i3.024

2024-08-30

Abstract:One crucial thing that hackers always do is gather information about the state of networks by breaking into files and systems that are used in defense models. Threats can get into these platforms. Much information is constantly coming into and going out of systems and people. To find potentially harmful security trends, the Intrusion Detection System (IDS) has to look through this growing amount of data. Our surroundings and choices now make it very hard to quickly and correctly find intrusions. To find people who try to get into a communication system without permission, creating an intrusion detection system (IDS) that uses big data techniques to handle large amounts of complex data is essential. This work uses artificial intelligence (AI), which is aware of a vast amount of data, to make an IDS that is very good at dealing with these problems. The study created a unique structure for the Long Short-Term Memory (LSTM) method, which can find complex links and long-lasting patterns in arriving at network traffic data. By using this method, the system can successfully lower the number of false warnings and improve the accuracy of the IDS that was created. Big Data Analysis (BDA) could make the AI methods discussed in this study more useful. These methods are currently slow because they are very complicated. Using these techniques makes running the complicated model go more quickly. The researchers used the tool on the Spark platform for in-depth studies. The NSL-KDD database was used to train for the tests. The results show that the algorithm is better than other IDS systems regarding how often it finds problems, how usually it sets off fake alarms, how accurate it is, how efficiently it works, and how long it takes to train.

Phani Lanka,Khushi Gupta,Cihan Varol

DOI: https://doi.org/10.3390/electronics13132465

IF: 2.9

2024-06-25

Electronics

Abstract:Security adversaries are rampant on the Internet, constantly seeking vulnerabilities to exploit. The sheer proliferation of these sophisticated threats necessitates innovative and swift defensive measures to protect the vulnerable infrastructure. Tools such as honeypots effectively determine adversary behavior and safeguard critical organizational systems. However, it takes a significant amount of time to analyze these attacks on the honeypots, and by the time actionable intelligence is gathered from the attacker's tactics, techniques, and procedures (TTPs), it is often too late to prevent potential damage to the organization's critical systems. This paper contributes to the advancement of cybersecurity practices by presenting a cutting-edge methodology, capitalizing on the synergy between artificial intelligence and threat analysis to combat evolving cyber threats. The current research articulates a novel strategy, outlining a method to analyze large volumes of attacker data from honeypots utilizing large language models (LLMs) to assimilate TTPs and apply this knowledge to identify real-time anomalies in regular user activity. The effectiveness of this model is tested in real-world scenarios, demonstrating a notable reduction in response time for detecting malicious activities in critical infrastructure. Moreover, we delve into the proposed framework's practical implementation considerations and scalability, underscoring its adaptability in diverse organizational contexts.

engineering, electrical & electronic,computer science, information systems,physics, applied

Praveen Banasode,Sunita Padmannavar

DOI: https://doi.org/10.1109/fabs52071.2021.9702689

2021-12-21

Abstract:the revolution caused by the advanced analysis features of Internet of Things and big data have made a big turnaround in the digital world. Data analysis is not only limited to collect useful data but also useful in analyzing information quickly. Therefore, most of the variants of the shared system based on the parallel structural model are explored simultaneously as the appropriate big data storage library stimulates researchers’ interest in the distributed system. Due to the emerging digital technologies, different groups such as healthcare facilities, financial institutions, e-commerce, food service and supply chain management generate a surprising amount of information. Although the process of statistical analysis is essential, it can cause significant security and privacy issues. Therefore, the analysis of data privacy protection is very important. Using the platform, technology should focus on providing Advanced Cryptography Policy (ACP). This research explores different security risks, evolutionary mechanisms and risks of privacy protection. It further recommends the post-statistical modern privacy protection act to manage data privacy protection in binary format, because it is kept confidential by the user. The user authentication program has already filed access restrictions. To maintain this purpose, everyone’s attitude is to achieve a changing identity. This article is designed to protect the privacy of users and propose a new system of restoration of controls.

Gayatri Kapil,Alka Agrawal,Abdulaziz Attaallah,Abdullah Algarni,Rajeev Kumar,Raees Ahmad Khan

DOI: https://doi.org/10.7717/peerj-cs.259

2020-02-17

Abstract:Hadoop has become a promising platform to reliably process and store big data. It provides flexible and low cost services to huge data through Hadoop Distributed File System (HDFS) storage. Unfortunately, absence of any inherent security mechanism in Hadoop increases the possibility of malicious attacks on the data processed or stored through Hadoop. In this scenario, securing the data stored in HDFS becomes a challenging task. Hence, researchers and practitioners have intensified their efforts in working on mechanisms that would protect user's information collated in HDFS. This has led to the development of numerous encryption-decryption algorithms but their performance decreases as the file size increases. In the present study, the authors have enlisted a methodology to solve the issue of data security in Hadoop storage. The authors have integrated Attribute Based Encryption with the honey encryption on Hadoop, i.e., Attribute Based Honey Encryption (ABHE). This approach works on files that are encoded inside the HDFS and decoded inside the Mapper. In addition, the authors have evaluated the proposed ABHE algorithm by performing encryption-decryption on different sizes of files and have compared the same with existing ones including AES and AES with OTP algorithms. The ABHE algorithm shows considerable improvement in performance during the encryption-decryption of files.

Brij Mala -,Sanskar Agrawal -,Aditya Sharma -,Rupinder Kaur -

DOI: https://doi.org/10.36948/ijfmr.2023.v05i06.8876

2023-11-21

International Journal For Multidisciplinary Research

Abstract:In today’s world security and privacy are the most needed qualities of any network. From calling to online transactions all occur on the network on daily basis. So there is the need to analyse the network in which all these activities occur. Network analysis thus plays a vital role in maintaining and optimizing network performance, security and troubleshooting. This paper researches on the topic network traffic analysis using Wireshark. Wireshark is an open source network packet analyser and it can be used by security administrators to analyse the traffic, analyse data packets and their role in shaping network behaviour. The network analysis using Wireshark will help to know any suspicious or malicious traffic in our network so that timely action can be taken to avoid attacks like DDOS, Man-in-the middle etc.

Jakrarin Therdphapiyanak,Krerk Piromsopa

DOI: https://doi.org/10.1145/2448556.2448559

2013-01-01

Abstract:In this paper, we apply Hadoop for large-scale log analysis. Our main objective is to efficiently detect an abnormal traffic from high volume data. Due to the high volume of data traffics, the size of traffic logs is usually exceed the capacity of a standalone IDS. Thus, it is practically impossible to perform useful analysis with these data. In most cases, an analysis is usually done when an attack occurred for digital forensics. We proposed applying K-Means algorithm to cluster high volume log data. The resulted clusters are useful in classifying minority as possible intruders. In addition, we proposed IP address summarization method to capture the characteristic of each cluster. Our implementation allows high volume data traffics to be analyzed with a distributed analysis system using K-Means algorithm and data mining. The eventual result is to reduce a chance of being attacked. The prominent points of our implementation are anomaly detection with large file sizes and the distributed processing. However, this paper is just a preliminary study. There exist several opportunities for optimization. Nonetheless, our implementation can point out anomaly. The K-Means Algorithm can provide a new knowledge useful for enhancing security of the system.

Yajing Wang,Juan Ma,Ashutosh Sharma,Pradeep Kumar Singh,Gurjot Singh Gaba,Mehedi Masud,Mohammed Baz

DOI: https://doi.org/10.1155/2021/5558860

IF: 2.336

2021-05-28

Journal of Sensors

Abstract:Intrusion detection is crucial in computer network security issues; therefore, this work is aimed at maximizing network security protection and its improvement by proposing various preventive techniques. Outlier detection and semisupervised clustering algorithms based on shared nearest neighbors are proposed in this work to address intrusion detection by converting it into a problem of mining outliers using the network behavior dataset. The algorithm uses shared nearest neighbors as similarity, judges whether it is an outlier according to the number of nearest neighbors of a data point, and performs semisupervised clustering on the dataset where outliers are deleted. In the process of semisupervised clustering, vast prior knowledge is added, and the dataset is clustered according to the principle of graph segmentation. The novelty of the proposed algorithm lies in outlier detection while effectively avoiding the dependence on parameters, thus eliminating the influence of outliers on clustering. This article uses real datasets: lypmphography and glass for simulation purposes. The simulation results show that the algorithm proposed in this paper can effectively detect outliers and has a good clustering effect. Furthermore, the experimentation reveals that the outlier detection-based SCA-SNN algorithm has the best practical effect on the dataset without outliers, clearly validating the clustering performance of the outlier detection-based SCA-SNN algorithm. Furthermore, compared to the other state-of-the-art anomaly detection method, it was revealed that the anomaly detection technology based on outlier mining does not require a training process. Thus, they overcome the current anomaly detection problems caused due to incomplete normal patterns in training samples.

engineering, electrical & electronic,instruments & instrumentation

Khloud Al Jallad,Mohamad Aljnidi,Mohammad Said Desouki

DOI: https://doi.org/10.48550/arXiv.2209.13961

2022-09-28

Cryptography and Security

Abstract:With the growing use of information technology in all life domains, hacking has become more negatively effective than ever before. Also with developing technologies, attacks numbers are growing exponentially every few months and become more sophisticated so that traditional IDS becomes inefficient detecting them. This paper proposes a solution to detect not only new threats with higher detection rate and lower false positive than already used IDS, but also it could detect collective and contextual security attacks. We achieve those results by using Networking Chatbot, a deep recurrent neural network: Long Short Term Memory (LSTM) on top of Apache Spark Framework that has an input of flow traffic and traffic aggregation and the output is a language of two words, normal or abnormal. We propose merging the concepts of language processing, contextual analysis, distributed deep learning, big data, anomaly detection of flow analysis. We propose a model that describes the network abstract normal behavior from a sequence of millions of packets within their context and analyzes them in near real-time to detect point, collective and contextual anomalies. Experiments are done on MAWI dataset, and it shows better detection rate not only than signature IDS, but also better than traditional anomaly IDS. The experiment shows lower false positive, higher detection rate and better point anomalies detection. As for prove of contextual and collective anomalies detection, we discuss our claim and the reason behind our hypothesis. But the experiment is done on random small subsets of the dataset because of hardware limitations, so we share experiment and our future vision thoughts as we wish that full prove will be done in future by other interested researchers who have better hardware infrastructure than ours.

Mohamed Azharudheen A,Vijayalakshmi V

DOI: https://doi.org/10.58414/scientifictemper.2024.15.2.30

2024-06-15

Abstract:Due to the increasing volume of data, the importance of data analysis systems has become more critical. An intrusion detection system is a type of software that monitors and analyzes the data collected by a network or system. Due to the increasing volume of data collected in the medical field, it has become harder for traditional methods to detect unauthorized access and manipulation of the data. To advance the efficiency of big data analysis, various techniques are used in IDS. This paper proposes a method that combines the deep learning network and proposed optimization algorithm. The goal of this paper is to develop a classification model that takes into account the hidden layer nodes of the DBN and then implement a PSO algorithm to improve its structure. The results of the simulations show that the Spark-DBN-PSO algorithm achieves a 99.04% accuracy rate, which is higher than the accuracy of other deep neural network (DNN) and artificial neural network (ANN) algorithms. The results of the research demonstrate that the proposed methodology performs superior than the existing algorithm.

Qiang Zhang,Dehui Ma

DOI: https://doi.org/10.1088/1742-6596/1744/3/032199

2021-02-01

Journal of Physics: Conference Series

Abstract:Abstract With the maturity and expand of big data tech, based on BDA, it can realize the real-time monitoring of network data and information, and help the system to make autonomous and dynamic decision-making and processing of network security events. At present, there are still some problems and deficiencies in the utilization of Network Security Analysis (NSA), which need to be improved urgently. Based on this, this paper first analyses the current situation of Computer Network Security (CNS), then studies the characteristics and utilization of big data tech, and finally gives the specific implementation and utilization of network security based on big data tech.

S. Banaeian Far,A. Imani Rad

DOI: https://doi.org/10.48550/arXiv.1808.09491

2018-08-29

Abstract:The volume of data exchange in this network is ascending, by expansing of internet of things and its increasing familiarity in recent years. By increasing of requests for joining to the network and taking advantage of its services, necessity to maintain the privacy and security is felt more than ever and the whole thing has changed into a challenge. Keeping the security of the users in small networks seems to be simpler and the threats more predictable. As the users of the network which are sensors, the volume of data increases as well. As a result the routers of the network and network servers has become a seriously challenging task to control and maintain the security for this volume of data. We analyze these challenges in this paper. This paper aims to maintain the security of the users and present procedures to dominate the problems and express the strategies to overcome them. Some methods such as using both encryption function and secure protocol are proposed. Other method to overcome over big data challenges is smart design of communication protocol. Finally, we point out some future challenges of big-data on the internet of thing network.

Cryptography and Security

Wei Huang

DOI: https://doi.org/10.1088/1742-6596/1881/2/022049

2021-04-01

Journal of Physics: Conference Series

Abstract:Abstract The era of big data promotes the development of computer network, which plays a very important role. Big data can improve people’s life and work enthusiasm with high quality, and further sublimate the standard of the masses. Because of the openness of computer network, it always leads to unnecessary security problems. Therefore, in order to apply the computer network on a large scale and avoid the information leakage caused by the network, this paper proposes the research on the design of computer network security defense system based on the background of big data. First of all, the importance of computer network security is discussed; secondly, the types of network security attacks are discussed, and the computer network security defense system is built by using multi angle and active security defense strategy to maintain the safe operation of the network; then, the risk algorithm is analyzed, and the risk of the whole computer network can be estimated by setting the weight according to the importance of the obtained resources So as to formulate reasonable safety measures. Finally, through the system test, the system has good analysis ability and defense ability, and has outstanding effect in computer network defense.

Dingde Jiang,Yuqing Wang,Zhihan Lv,Sheng Qi,Surjit Singh

DOI: https://doi.org/10.1109/tii.2019.2930226

IF: 12.3

2020-02-01

IEEE Transactions on Industrial Informatics

Abstract:In this article, we propose a big data based analysis framework to analyze and extract network behaviors in cellular networks for Industry 4.0 applications from a big data perspective, using Hadoop, Hive, HBase, and so on. The data prehandling and traffic flow extraction approaches are presented to construct effective traffic matrices. Accordingly, we can capture network behaviors in cellular networks from a networkwide perspective. Although there have been a number of prior studies on cellular network usage, to the best of our knowledge, this article is a first study that characterizes network behaviors using the big data analytics to analyze a network big data of call detail records over a longer duration (five months), with more users (five million), more records (several hundred million lines) and nationwide coverage. The call pattern analysis and network behavior extraction approaches are designed to perform big data analysis and feature extractions. Then, the corresponding algorithms are proposed to characterize network behaviors, i.e., cellular call patterns and network resource usage. The detailed evaluation is proposed to validate our method. For example, we find that some unpopular calls can last longer time and thus consume more network resources.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Shreyanth S

2023-06-16

Abstract:As the reliance on wireless sensor networks (WSNs) rises in numerous sectors, cyberattack prevention and data transmission integrity become essential problems. This study provides a complete framework to handle these difficulties by integrating a cognitive intelligence (CI) framework, an information processing protocol, and sophisticated artificial intelligence (AI) and big data analytics approaches. The CI architecture is intended to improve WSN security by dynamically reacting to an evolving threat scenario. It employs artificial intelligence algorithms to continuously monitor and analyze network behavior, identifying and mitigating any intrusions in real time. Anomaly detection algorithms are also included in the framework to identify packet drop instances caused by attacks or network congestion. To support the CI architecture, an information processing protocol focusing on efficient and secure data transfer within the WSN is introduced. To protect data integrity and prevent unwanted access, this protocol includes encryption and authentication techniques. Furthermore, it enhances the routing process with the use of AI and big data approaches, providing reliable and timely packet delivery. Extensive simulations and tests are carried out to assess the efficiency of the suggested framework. The findings show that it is capable of detecting and preventing several forms of assaults, including as denial-of-service (DoS) attacks, node compromise, and data tampering. Furthermore, the framework is highly resilient to packet drop occurrences, which improves the WSN's overall reliability and performance

Cryptography and Security,Machine Learning,Networking and Internet Architecture

S. Suganya,S. Selvamuthukumaran

DOI: https://doi.org/10.3233/jifs-233579

2023-08-05

Abstract:Hadoop is a big data processing system that enables the distributed processing of massive data sets across multiple computers using straightforward programming techniques. Hadoop has been extensively investigated in many attacks as a result of its growing significance in industry. A company may learn about the actions of invaders as well as the weaknesses of the Hadoop cluster by examining a significant quantity of data from the log file. In a Big Data setting, the goal of the paper is to generate an analytical classification for intrusion detection. In this study, Hadoop log files were examined based on assaults that were recorded in the log files. Prior to analysis, the log data is cleaned and improved using a Hadoop preprocessing tool. For feature extraction, the hybrid Improved Sparrow Search Algorithm with Mutual Information Maximization (H-ISSA-MIM). Then the CNN (Convolutional Neural Network) classifier will detect the intrusions. The implementation is performed using the MATLAB 2020a software. The performance metrics like accuracy, precision, F-score, recall, specificity, FPR, FNR are calculated for the proposed methodology and it is compared with the existing techniques like Decision Tree (DT), Principal Components Analysis (PCA)- K means, Long Short Time Memory (LSTM). The maximum value of accuracy finds out in the proposed method 98% .

PP Anjali,A Binu

DOI: https://doi.org/10.48550/arXiv.1312.5469

2013-12-19

Distributed, Parallel, and Cluster Computing

Abstract:Big data analysis has become much popular in the present day scenario and the manipulation of big data has gained the keen attention of researchers in the field of data analytics. Analysis of big data is currently considered as an integral part of many computational and statistical departments. As a result, novel approaches in data analysis are evolving on a daily basis. Thousands of transaction requests are handled and processed everyday by different websites associated with e-commerce, e-banking, e-shopping carts etc. The network traffic and weblog analysis comes to play a crucial role in such situations where Hadoop can be suggested as an efficient solution for processing the Netflow data collected from switches as well as website access-logs during fixed intervals.

Nishant Shandilya -,Siddham Singh Rao -,V. Phanindra Varma -,Dr. V. Nivedita -

DOI: https://doi.org/10.36948/ijfmr.2024.v06i03.19649

2024-05-17

International Journal For Multidisciplinary Research

Abstract:Since the lack of sufficient security mechanisms, domain system (DNS) has become the main operational infrastructure for cyber intruders to launch cyber-attacks. Therefore, how to discover and block the potential malicious domains and its corresponding IP addresses fast and accurately has become a hot research area as it is one of the most important method in preventing unknown cyber-attacks. In this paper, we proposed an approach to detect malicious domains by analyzing massive mobile web traffic data. We used multiple features to classify, including the textual features and the traffic statistics features of domains and presented three typical classifiers to compare the classifying effect of each. Spark framework is leveraged to speed up the calculation of a large-scale DNS traffic. The efficiency of our system makes us believe the approach can help a lot in the field of network security. The new features are harder to be tampered with and can help determine whether a domain is malicious from a more comprehensive perspective. We evaluate MalPortrait on the passive DNS traffic collected from real-world large ISP networks.

A. Adamov

DOI: https://doi.org/10.48550/arXiv.2301.12454

2023-01-29

Abstract:Huge amounts of data being generated continuously by digitally interconnected systems of humans, organizations and machines. Data comes in variety of formats including structured, unstructured and semi-structured, what makes it impossible to apply the same standard approaches, techniques and algorithms to manage and process this data. Fortunately, the enterprise level distributed platform named Hadoop Ecosystem exists. This paper explores Apache Hive component that provides full stack data managements functionality in terms of Data Definition, Data Manipulation and Data Processing. Hive is a data warehouse system, which works with structured data stored in tables. Since, Hive works on top the Hadoop HDSFS, it benefits from extraordinary feature of HDFS including Fault Tolerance, Reliability, High Availability, Scalability, etc. In addition, Hive can take advantage of distributed computing power of the cluster through assigning jobs to MapReduce, Tez and Spark engines to run complex queries. The paper is focused on studying of Hive Data Model and analysis of processing performance done by MapReduce and Tez.

English Else