Title
Large-scale network intrusion detection based on distributed learning algorithm
Abstract
As network traffic bandwidth is increasing at an exponential rate, it’s impossible to keep up with the speed of networks by just increasing the speed of processors. Besides, increasingly complex intrusion detection methods only add further to the pressure on network intrusion detection (NIDS) platforms, so the continuous increasing speed and throughput of network poses new challenges to NIDS. To make NIDS usable in Gigabit Ethernet, the ideal policy is using a load balancer to split the traffic data and forward those to different detection sensors, which can analyze the splitting data in parallel. In order to make each slice contains all the evidence necessary to detect a specific attack, the load balancer design must be complicated and it becomes a new bottleneck of NIDS. To simplify the load balancer this paper put forward a distributed neural network learning algorithm (DNNL). Using DNNL a large data set can be split randomly and each slice of data is presented to an independent neural network; these networks can be trained in distribution and each one in parallel. Completeness analysis shows that DNNL’s learning algorithm is equivalent to training by one neural network which uses the technique of regularization. The experiments to check the completeness and efficiency of DNNL are performed on the KDD’99 Data Set which is a standard intrusion detection benchmark. Compared with other approaches on the same benchmark, DNNL achieves a high detection rate and low false alarm rate.
Year
DOI
Venue
2009
10.1007/s10207-008-0061-2
Int. J. Inf. Sec.
Keywords
Field
DocType
nids usable,load balancer,neural network,dnnl achieves a high detection rate and low false alarm rate.,detection benchmark. compared with other approaches on the same benchmark,complex intrusion detection method,network intrusion detection,network traffic bandwidth,independent neural network,large-scale network intrusion detection,high detection rate,standard intrusion detection benchmark,different detection sensor,load balance,intrusion detection,intrusion detection system,false alarm rate
Bottleneck,Computer security,Load balancing (computing),Computer science,Algorithm,Real-time computing,Bandwidth (signal processing),Gigabit Ethernet,Constant false alarm rate,Throughput,Artificial neural network,Intrusion detection system
Journal
Volume
Issue
ISSN
8
1
1615-5270
Citations 
PageRank 
References 
5
0.45
23
Authors
3
Name
Order
Citations
PageRank
Daxin Tian1334.51
Yanheng Liu222836.14
Yang Xiang32930212.67