A Distributed Intrusion Detection Model via Nondestructive Partitioning and Balanced Allocation for Big Data

被引:11
作者
Wu, Xiaonian [1 ]
Zhang, Chuyun [3 ]
Zhang, Runlian [2 ]
Wang, Yujue [2 ]
Cui, Jinhua [4 ]
机构
[1] Guilin Univ Elect Technol, Guangxi Key Lab Trusted Software, Guilin 541004, Peoples R China
[2] Guilin Univ Elect Technol, Guangxi Key Lab Cryptog & Informat Secur, Guilin 541004, Peoples R China
[3] Guilin Univ Elect Technol, Guangxi Wireless Broadband Commun & Signal Proc K, Guilin 541004, Peoples R China
[4] Singapore Management Univ, Sch Informat Syst, Singapore 178902, Singapore
来源
CMC-COMPUTERS MATERIALS & CONTINUA | 2018年 / 56卷 / 01期
关键词
Distributed intrusion detection; data allocation; load balancing; data integrity; big data; HIGH-SPEED NETWORKS;
D O I
10.3970/cmc.2018.02449
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
There are two key issues in distributed intrusion detection system, that is, maintaining load balance of system and protecting data integrity. To address these issues, this paper proposes a new distributed intrusion detection model for big data based on nondestructive partitioning and balanced allocation. A data allocation strategy based on capacity and workload is introduced to achieve local load balance, and a dynamic load adjustment strategy is adopted to maintain global load balance of cluster. Moreover, data integrity is protected by using session reassemble and session partitioning. The simulation results show that the new model enjoys favorable advantages such as good load balance, higher detection rate and detection efficiency.
引用
收藏
页码:61 / 72
页数:12
相关论文
共 15 条
  • [1] Charitakis I, 2003, PROCEEDINGS OF THE 11TH IEEE/ACM INTERNATIONAL SYMPOSIUM ON MODELING, ANALYSIS AND SIMULATION OF COMPUTER TELECOMMUNICATIONS SYSTEMS, P238
  • [2] AN INTRUSION-DETECTION MODEL
    DENNING, DE
    [J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1987, 13 (02) : 222 - 232
  • [3] A framework for designing resilient distributed intrusion detection systems for critical infrastructures
    Genge, Bela
    Haller, Piroska
    Kiss, Istvan
    [J]. INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION, 2016, 15 : 3 - 11
  • [4] Toward the development of a big data analytics capability
    Gupta, Manjul
    George, Joey F.
    [J]. INFORMATION & MANAGEMENT, 2016, 53 (08) : 1049 - 1064
  • [5] Real-time intrusion detection for high-speed networks
    Jiang, WB
    Song, H
    Dai, YQ
    [J]. COMPUTERS & SECURITY, 2005, 24 (04) : 287 - 294
  • [6] Karger DavidR., 1997, P 29 ANN ACM S THEOR, P654
  • [7] Stateful intrusion detection for high-speed networks
    Kruegel, C
    Valeur, F
    Vigna, G
    Kemmerer, R
    [J]. 2002 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2002, : 285 - 293
  • [8] Lai HG, 2004, LECT NOTES COMPUT SC, V3089, P439
  • [9] Large-scale network intrusion detection algorithm based on distributed learning
    College of Computer Science and Technology, Jilin University, Changchun 130012, China
    不详
    [J]. Ruan Jian Xue Bao/Journal of Software, 2008, 19 (04): : 993 - 1003
  • [10] Dynamic tuning of the workload partition factor and the resource utilization in data-intensive applications
    Rosas, Claudia
    Sikora, Anna
    Jorba, Josep
    Moreno, Andreu
    Espinosa, Antonio
    Cesar, Eduardo
    [J]. FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE, 2014, 37 : 162 - 177
12