Abstract
The Network Security Monitoring System (NSMS) can use Big Data (BD) and K-means DT (K-means with distance threshold) algorithms to automatically learn and identify abnormal patterns in the network, improving the accuracy of network threat detection. In this article, the KDD Cup 1999 and NSL-KDD datasets were selected for the NSMS analysis. The data are preprocessed, and statistical information, time series information, and traffic distribution characteristics are extracted. Value device DT further classifies regular attacks, remote location (R2L) attacks, and user to root (U2R) permission attacks. The experimental results show that the hybrid intrusion detection algorithm based on K-means DT achieves a network attack detection accuracy of 99.2% and a network attack detection accuracy of 98.9% on the NSL-KDD dataset. Hybrid intrusion detection algorithms can effectively improve the accuracy of network intrusion detection (NID). The hybrid intrusion detection system proposed in this article performs well on different datasets and can effectively detect various types of network intrusion attacks, with better performance than other algorithms. The NSMS designed in this article can cope with constantly changing network threats.