Towards a Big Data Architecture for Facilitating Cyber Threat Intelligence

Authors: Charles Wheelus, Elias Bou-Harb, Xingquan Zhu

DOI: 10.1109/NTMS.2016.7792484

Keywords: Malware, Big data, Computer security, Heterogeneous network, Computer science, Network security, Analytics, Data management, The Internet, Scalability

Abstract: Internet and organizational network security is still threatened by devastating malicious activities. Given the continuous escalation of such attacks in terms of their frequency, sophistication and stealthiness, it is of paramount importance to generate effective cyber threat intelligence that aims at inferring, attributing, characterizing and mitigating such misdemeanors. Nevertheless, these imperative tasks are partially impeded by the lack of approaches that can produce prompt, accurate and actionable cyber threat intelligence by investigating various traffic sources. In this paper, we propose and evaluate a big data architecture rooted in real-time processing, distributed messaging and scalable storage. The key innovation behind the proposed architecture is that it automates the analysis of heterogeneous data, allowing the focus to remain on devising analytics, rather than being hindered by data management, aggregation, reconciliation and formatting. Empirical evaluations of the application of machine learning analytics exploiting artifacts using 100 GB of real traffic indeed demonstrate the practicality, effectiveness, and added value of the proposed architecture.

References (17)
Bharat V. Buddhadev, Kanubhai K. Patel. Machine Learning based Research for Network Intrusion Detection: A State-of-the-Art. International Journal of Information and Network Security, vol. 3 (2014).
Roberto Perdisci, Guofei Gu, Wenke Lee, Junjie Zhang. BotMiner: Clustering Analysis of Network Traffic for Protocol- and Structure-Independent Botnet Detection. USENIX Security Symposium, pp. 139–154 (2008).
Monowar H. Bhuyan, D. K. Bhattacharyya, J. K. Kalita. Network Anomaly Detection: Methods, Systems and Tools. IEEE Communications Surveys & Tutorials, vol. 16, pp. 303–336 (2014). DOI: 10.1109/SURV.2013.052213.00046
Robin Sommer, Vern Paxson. Outside the Closed World: On Using Machine Learning for Network Intrusion Detection. IEEE Symposium on Security and Privacy, pp. 305–316 (2010). DOI: 10.1109/SP.2010.25
Claude Fachkha, Elias Bou-Harb, Mourad Debbabi. Inferring distributed reflection denial of service attacks from darknet. Computer Communications, vol. 62, pp. 59–71 (2015). DOI: 10.1016/J.COMCOM.2015.01.016
Elias Bou-Harb, Nour-Eddine Lakhdari, Hamad Binsalleeh, Mourad Debbabi. Multidimensional investigation of source port 0 probing. Digital Investigation, vol. 11, pp. S114–S123 (2014). DOI: 10.1016/J.DIIN.2014.05.012
Shan Suthaharan. Big data classification: problems and challenges in network intrusion prediction with machine learning. ACM SIGMETRICS Performance Evaluation Review, vol. 41, pp. 70–73 (2014). DOI: 10.1145/2627534.2627557
Charles Wheelus, Taghi M. Khoshgoftaar, Richard Zuech, Maryam M. Najafabadi. A Session Based Approach for Aggregating Network Traffic Data: The SANTA Dataset. IEEE International Conference on Bioinformatics and Bioengineering (BIBE), pp. 369–378 (2014). DOI: 10.1109/BIBE.2014.72
Colin Tankard. Big data security. Network Security, vol. 2012, pp. 5–8 (2012). DOI: 10.1016/S1353-4858(12)70063-6