Title | ||
---|---|---|
Toward a monitoring and threat detection system based on stream processing as a virtual network function for big data |
Abstract | ||
---|---|---|
The late detection of security threats causes a significant increase in the risk of irreparable damage and restricts any defense attempt. In this paper, we propose a sCAlable TRAffic Classifier and Analyzer (CATRACA). CATRACA works as an efficient online Intrusion Detection and Prevention System implemented as a Virtualized Network Function. CATRACA is based on Apache Spark, a Big Data Streaming processing system, and it is deployed over the Open Platform for Network Functions Virtualization (OPNFV), providing an accurate real-time threat-detection service. The system presents a friendly graphical interface that provides real-time visualization of the traffic and the attacks that occur in the network. Our prototype can differentiate normal traffic from denial of service (DoS) attacks and vulnerability probes with over 95% accuracy under three different datasets. Moreover, CATRACA handles streaming data under concept drift detection with more than 85% accuracy. |
Year | DOI | Venue |
---|---|---|
2019 | 10.1002/cpe.5344 | CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE |
Keywords | Field | DocType |
big data,network traffic classification,stream processing,threat detection,virtual network function | Virtual network,Spark (mathematics),Open platform,Denial-of-service attack,Computer science,Concept drift,Real-time computing,Stream processing,Big data,Scalability,Distributed computing | Journal |
Volume | Issue | ISSN |
31.0 | 20.0 | 1532-0626 |
Citations | PageRank | References |
1 | 0.41 | 0 |
Authors | ||
6 |
Name | Order | Citations | PageRank |
---|---|---|---|
Martin Andreoni Lopez | 1 | 2 | 1.16 |
Martin Andreoni Lopez | 2 | 2 | 1.16 |
Diogo M. F. Mattos | 3 | 97 | 15.13 |
Diogo M. F. Mattos | 4 | 97 | 15.13 |
Otto Carlos Muniz Bandeira Duarte | 5 | 686 | 55.46 |
Guy Pujolle | 6 | 2015 | 267.64 |