
A Study on Security Event Detection in ESM Using Big Data and Deep Learning

  • Lee, Hye-Min (Interdisciplinary Program of Information Security, Chonnam National University)
  • Lee, Sang-Joon (Interdisciplinary Program of Digital Future Convergence Service, Chonnam National University)
  • Received : 2021.05.26
  • Accepted : 2021.06.07
  • Published : 2021.08.31

Abstract

As cyber attacks become more intelligent, advanced attacks have become difficult to detect in fields such as industry, defense, and medical care. Individual security systems such as IPS (Intrusion Prevention System) exist, but the need for centralized, integrated management of each security system is increasing. In this paper, we design an intelligent big data platform that collects data by observing and analyzing user visit logs and linking them with big data, and on top of it we collect big data for intrusion detection and build an intrusion detection platform based on a deep learning CNN (Convolutional Neural Networks) model. In this study, we evaluated the performance of the Intrusion Detection System (IDS) using the KDD99 dataset developed by DARPA in 1998, testing against KDD99's four actual attack categories: DoS, U2R, R2L, and Probing.
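The evaluation described above scores a detector per KDD99 attack category. As an added example (not code from the paper), the block below parses KDD99-format records, groups their training-set labels into the dataset's four categories (DoS, U2R, R2L, Probe) plus normal, and computes per-category precision and recall; the records and the detector's predictions are constructed for illustration, not results from the paper.

```python
from collections import defaultdict

# KDD99 training-set labels grouped into the dataset's four attack categories
# (plus "normal"); the label field in the CSV carries a trailing ".".
KDD99_CATEGORY = {"normal": "normal"}
for _l in ("back", "land", "neptune", "pod", "smurf", "teardrop"):
    KDD99_CATEGORY[_l] = "DoS"
for _l in ("buffer_overflow", "loadmodule", "perl", "rootkit"):
    KDD99_CATEGORY[_l] = "U2R"
for _l in ("ftp_write", "guess_passwd", "imap", "multihop", "phf", "spy",
           "warezclient", "warezmaster"):
    KDD99_CATEGORY[_l] = "R2L"
for _l in ("ipsweep", "nmap", "portsweep", "satan"):
    KDD99_CATEGORY[_l] = "Probe"

def parse_record(line):
    """Split one KDD99 CSV line into its 41 feature strings and its category."""
    fields = line.strip().split(",")
    if len(fields) != 42:
        raise ValueError(f"expected 42 fields, got {len(fields)}")
    label = fields[41].rstrip(".")
    if label not in KDD99_CATEGORY:
        raise ValueError(f"unknown KDD99 label: {label}")
    return fields[:41], KDD99_CATEGORY[label]

def per_category_metrics(pairs):
    """Precision and recall per category from (true, predicted) category pairs."""
    tp, fp, fn = defaultdict(int), defaultdict(int), defaultdict(int)
    for truth, pred in pairs:
        if truth == pred:
            tp[truth] += 1
        else:
            fp[pred] += 1   # predicted category got a false positive
            fn[truth] += 1  # true category got a missed detection
    metrics = {}
    for cat in set(tp) | set(fp) | set(fn):
        prec = tp[cat] / (tp[cat] + fp[cat]) if tp[cat] + fp[cat] else 0.0
        rec = tp[cat] / (tp[cat] + fn[cat]) if tp[cat] + fn[cat] else 0.0
        metrics[cat] = (round(prec, 3), round(rec, 3))
    return metrics

def make_line(label):  # constructed 42-field record with zeroed features
    return ",".join(["0"] * 41) + f",{label}."

def evaluate(lines, predicted):
    """Score a detector's predicted categories against the records' true ones."""
    truths = [parse_record(line)[1] for line in lines]
    return per_category_metrics(zip(truths, predicted))

# Constructed records and constructed detector output (not paper results).
SAMPLE = [make_line(l) for l in ("normal", "smurf", "neptune", "rootkit", "guess_passwd", "nmap")]
PREDICTED = ["normal", "DoS", "DoS", "R2L", "R2L", "Probe"]
```

In the constructed sample the single U2R record is misclassified as R2L, which is why U2R recall is 0.0 and R2L precision drops to 0.5; reporting per category, as the paper does, exposes exactly this kind of weakness that an overall accuracy figure would hide.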

Acknowledgement

This work was supported by an Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korean government (MSIT) (No. 2019-0-01343).
