A novel approach in detecting intrusions using NSLKDD database and MapReduce programming

Meryem, Amar; Samira, Douzi; El Ouahidi, Bouabid; Mouad, Lemoudden

doi:10.1016/j.procs.2017.06.089

A novel approach in detecting intrusions using NSLKDD database and MapReduce programming

Meryem, Amar; Samira, Douzi; El Ouahidi, Bouabid; Mouad, Lemoudden

Authors

Amar Meryem

Douzi Samira

Bouabid El Ouahidi

Mouad Lemoudden M.Lemoudden@napier.ac.uk
Lecturer

Abstract

Due to the increasing usage of the cloud computing architecture, computer systems are facing many security challenges that render sensitive data visible and available to be counterfeited by malicious users and especially intruders. Log files are generated at every level of the computing infrastructure and represent a valuable source of information in detecting attacks. The main goal of this work is the identifiction and prediction of attacks and malicious behaviors by analyzing, classifying and labeling recorded activities in log files. This paper uses MapReduce programming to prior each user behavior, it also employs K-Means algorithm to cluster unknown events and K-NN supervised learning on NSLKDD database to define unlabelled classes.

Citation

Meryem, A., Samira, D., El Ouahidi, B., & Mouad, L. (2017). A novel approach in detecting intrusions using NSLKDD database and MapReduce programming. Procedia Computer Science, 110, 230-235. https://doi.org/10.1016/j.procs.2017.06.089

Journal Article Type	Article
Online Publication Date	Jul 12, 2017
Publication Date	2017
Deposit Date	Feb 28, 2023
Publicly Available Date	Feb 28, 2023
Journal	Procedia Computer Science
Print ISSN	1877-0509
Publisher	Elsevier
Peer Reviewed	Peer Reviewed
Volume	110
Pages	230-235
DOI	https://doi.org/10.1016/j.procs.2017.06.089
Keywords	Log files, NSLKDD, K-Means, K-NN, variance-covariance matrix