http://dx.doi.org/10.13089/JKIISC.2017.27.5.1117

A Normal Network Behavior Profiling Method Based on Big Data Analysis Techniques (Hadoop/Hive)  

Kim, SungJin (Ajou University)
Kim, Kangseok (Ajou University)
Abstract
With the advent of the Internet of Things (IoT), the number of devices connected to the Internet has rapidly increased, but IoT security is still weak. Existing security technologies are difficult to integrate because IoT devices, which vary according to their purposes, use different protocols, generate a large amount of traffic, and operate in low-power environments. Therefore, in this paper, we propose a normal network behavior profiling method based on big data analysis techniques. The proposed method uses Hadoop/Hive for big data analytics and R for statistical computing. We also verify the effectiveness of the proposed method through a simulation.
Keywords
Big Data; Intrusion Detection; Simulation; Security Data Analysis; Normal Behavior Profiling
Citations & Related Records
Times Cited By KSCI: 1