Zero-day Attack Identification in Streaming data: Nearest Neighbor Heuristics and Dynamic Semantic Network Generation in the Spark eco-system
Loading...
Links to Files
Permanent Link
Collections
Author/Creator
Author/Creator ORCID
Date
2017-01-01
Department
Information Systems
Program
Information Systems
Citation of Original Publication
Rights
This item may be protected under Title 17 of the U.S. Copyright Law. It is made available by UMBC for non-commercial research and education. For permission to publish or reproduce, please see http://aok.lib.umbc.edu/specoll/repro.php or contact Special Collections at speccoll(at)umbc.edu
Distribution Rights granted to UMBC by the author.
Distribution Rights granted to UMBC by the author.
Subjects
Abstract
Intrusion Detection Systems (IDS's) have been in existence for many years now, but they fall short in efficiently detecting zero-day attacks. Over the past decade, anomaly detection has attracted wide attention of numerous researchers to overcome the shortcomings of IDSs (Intrusion Detection Systems) in detecting zero-day attacks. In this research, we design an organic combination of Semantic Link Networks (SLN) and Dynamic Graph generation for the zero-day attacks on the fly into one comprehensive system. Furthermore, to deal with increasing volumes of network traffic and improve full packet analysis efficiency, we employ Spark Streaming platform for parallel detection. To substantiate the performance of zero-day attack detection process; we calculate the relevance of each feature in KDD'99 intrusion detection datasets. Compared to the previous studies on Zero-day attack identification, we witnessed comparably good results as we employed semantic learning and reasoning on top of the training data and also collaborative classification methods.