A NOVEL DISTRIBUTED INTRUSION DETECTION FRAMEWORK FOR NETWORK ANALYSIS

Abstract

Computer networks are used to transfer information between different types of computer devices. Due to rapid development in internet technologies, network users and communication increases day by day. Hence there is a need for huge data analysis, but a currently available tool has been facing a bottleneck. The volume of data along with the speed it generates makes it difficult for the current available tools to handle big data. To overcome this situation, big data packet analysis can be performed through a cloud computing platform for distributed storage (HDFS) and distributed processing (map reduce). However, with the extensive use of cloud computing, security issues arise. With increase of networks, security methods also need to be increased day by day. Hence, intrusion detection system (IDS) are essential components in secure network environment monitors network traffic and allows early detection attacks and alerts the system. Snort is most commonly used IDS available under GPL, which allows pattern search. Hence, there is an urgent need to intelligent intrusion detection systems (IDSs) to detect intrusions automatically. The functionality of Snort IDS can be extended by integrating anomaly preprocessor to detect new attacks. This paper provides a novel distributed Intrusion detection framework for network analysis using snort and Hadoop.