A design of a parallel network anomaly detection algorithm based on classification

In the present digital age and with the huge volume of data floating around, the information security has become utmost importance. Intrusion detection is the process of analysing various events in a system/network for possible presence of intrusion. The aim of an intrusion detection system is to protect the system from unauthorized access. Design of intrusion detection systems (IDS) has gained lots of importance in the recent years and has become the standard component of in network security. Intrusion detection systems operate either using anomaly based or signature based and in some cases IDS operate in a hybrid way. The data growth rate and the higher bandwidth and network speed makes it very difficult to process the data in real-time. Many researchers have focused in this area and have used data mining techniques for detecting the intrusions. Classification is a data mining technique used to predict group membership for each data instance. Classification is being used by various researchers for detection intrusions. Lot of classification algorithms have been developed for intrusion detection with respective strengths and weaknesses. This paper presents a novel classification algorithm based on distance measure and Relief-F feature weighting. The performance measures of intrusion detection are compared with the commonly used classification algorithms such as Naïve Bayes, Decision Tree and Support Vector Machine (SVM) and the proposed algorithm outperforms the above mentioned algorithms in terms of Detection Rate, Accuracy, False Alarm Rate, F-Score and Mathews Correlation Coefficient. The proposed algorithm is tested using a benchmark dataset (KDDcup99 dataset) and a real traces dataset (Kyoto 2006 + dataset). This study also intend to compare the execution time for various classifiers and the parallel performance of NADA since NADA outperforms all the other classifiers in terms of serial execution time. The algorithm is parallelized and the results are presented in terms of execution time with various data size, speed up and efficiency. © 2019, Bharati Vidyapeeth's Institute of Computer Applications and Management.