MIND: A Multi-Source Data Fusion Scheme for Intrusion Detection in Networks
In recent years, there is an exponential explosion of data generation, collection, and processing in computer networks. With this expansion of data, network attacks have also become a congenital problem in complex networks. The resource utilization, complexity, and false alarm rates are major challe...
Main Authors: | , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2021-07-01
|
Series: | Sensors |
Subjects: | |
Online Access: | https://www.mdpi.com/1424-8220/21/14/4941 |
_version_ | 1797526062333165568 |
---|---|
author | Naveed Anjum Zohaib Latif Choonhwa Lee Ijaz Ali Shoukat Umer Iqbal |
author_facet | Naveed Anjum Zohaib Latif Choonhwa Lee Ijaz Ali Shoukat Umer Iqbal |
author_sort | Naveed Anjum |
collection | DOAJ |
description | In recent years, there is an exponential explosion of data generation, collection, and processing in computer networks. With this expansion of data, network attacks have also become a congenital problem in complex networks. The resource utilization, complexity, and false alarm rates are major challenges in current Network Intrusion Detection Systems (NIDS). The data fusion technique is an emerging technology that merges data from multiple sources to form more certain, precise, informative, and accurate data. Moreover, most of the earlier intrusion detection models suffer from overfitting problems and lack optimal detection of intrusions. In this paper, we propose a multi-source data fusion scheme for intrusion detection in networks (<i>MIND</i>) , where data fusion is performed by the horizontal emergence of two datasets. For this purpose, the Hadoop MapReduce tool such as, Hive is used. In addition, a machine learning ensemble classifier is used for the fused dataset with fewer parameters. Finally, the proposed model is evaluated with a 10-fold-cross validation technique. The experiments show that the average <i>accuracy</i>, <i>detection rate</i>, <i>false positive rate</i>, <i>true positive rate</i>, and <i>F-measure</i> are <i>99.80%</i>, <i>99.80%</i>, <i>0.29%</i>, <i>99.85%</i>, and <i>99.82%</i> respectively. Moreover, the results indicate that the proposed model is significantly effective in intrusion detection compared to other state-of-the-art methods. |
first_indexed | 2024-03-10T09:23:48Z |
format | Article |
id | doaj.art-81980ea1d7264d93af400cf25d664ac9 |
institution | Directory Open Access Journal |
issn | 1424-8220 |
language | English |
last_indexed | 2024-03-10T09:23:48Z |
publishDate | 2021-07-01 |
publisher | MDPI AG |
record_format | Article |
series | Sensors |
spelling | doaj.art-81980ea1d7264d93af400cf25d664ac92023-11-22T04:58:21ZengMDPI AGSensors1424-82202021-07-012114494110.3390/s21144941MIND: A Multi-Source Data Fusion Scheme for Intrusion Detection in NetworksNaveed Anjum0Zohaib Latif1Choonhwa Lee2Ijaz Ali Shoukat3Umer Iqbal4Department of Computing, Riphah International University, Faisalabad 38000, PakistanDepartment of Computer Science, Hanyang University, Seoul 04763, KoreaDepartment of Computer Science, Hanyang University, Seoul 04763, KoreaDepartment of Computing, Riphah International University, Faisalabad 38000, PakistanDepartment of Computing, Riphah International University, Faisalabad 38000, PakistanIn recent years, there is an exponential explosion of data generation, collection, and processing in computer networks. With this expansion of data, network attacks have also become a congenital problem in complex networks. The resource utilization, complexity, and false alarm rates are major challenges in current Network Intrusion Detection Systems (NIDS). The data fusion technique is an emerging technology that merges data from multiple sources to form more certain, precise, informative, and accurate data. Moreover, most of the earlier intrusion detection models suffer from overfitting problems and lack optimal detection of intrusions. In this paper, we propose a multi-source data fusion scheme for intrusion detection in networks (<i>MIND</i>) , where data fusion is performed by the horizontal emergence of two datasets. For this purpose, the Hadoop MapReduce tool such as, Hive is used. In addition, a machine learning ensemble classifier is used for the fused dataset with fewer parameters. Finally, the proposed model is evaluated with a 10-fold-cross validation technique. The experiments show that the average <i>accuracy</i>, <i>detection rate</i>, <i>false positive rate</i>, <i>true positive rate</i>, and <i>F-measure</i> are <i>99.80%</i>, <i>99.80%</i>, <i>0.29%</i>, <i>99.85%</i>, and <i>99.82%</i> respectively. Moreover, the results indicate that the proposed model is significantly effective in intrusion detection compared to other state-of-the-art methods.https://www.mdpi.com/1424-8220/21/14/4941data fusionnetwork intrusion detection systemsanomaly detectionmachine learningensemble learning |
spellingShingle | Naveed Anjum Zohaib Latif Choonhwa Lee Ijaz Ali Shoukat Umer Iqbal MIND: A Multi-Source Data Fusion Scheme for Intrusion Detection in Networks Sensors data fusion network intrusion detection systems anomaly detection machine learning ensemble learning |
title | MIND: A Multi-Source Data Fusion Scheme for Intrusion Detection in Networks |
title_full | MIND: A Multi-Source Data Fusion Scheme for Intrusion Detection in Networks |
title_fullStr | MIND: A Multi-Source Data Fusion Scheme for Intrusion Detection in Networks |
title_full_unstemmed | MIND: A Multi-Source Data Fusion Scheme for Intrusion Detection in Networks |
title_short | MIND: A Multi-Source Data Fusion Scheme for Intrusion Detection in Networks |
title_sort | mind a multi source data fusion scheme for intrusion detection in networks |
topic | data fusion network intrusion detection systems anomaly detection machine learning ensemble learning |
url | https://www.mdpi.com/1424-8220/21/14/4941 |
work_keys_str_mv | AT naveedanjum mindamultisourcedatafusionschemeforintrusiondetectioninnetworks AT zohaiblatif mindamultisourcedatafusionschemeforintrusiondetectioninnetworks AT choonhwalee mindamultisourcedatafusionschemeforintrusiondetectioninnetworks AT ijazalishoukat mindamultisourcedatafusionschemeforintrusiondetectioninnetworks AT umeriqbal mindamultisourcedatafusionschemeforintrusiondetectioninnetworks |