The Network Security Monitoring System (NSMS) can use Big Data (BD) and K-means DT (K-means with distance threshold) algorithms to automatically learn and identify abnormal patterns in the network, improving the accuracy of network threat detection. In this article, KDD Cup 1999 and NSL KDD were selected as NSMS for dataset analysis. Preprocess the data; Extract statistical information, time series information, and traffic distribution characteristics. Value device DT further classifies regular attacks, remote location (R2L) attacks, and user to root (U2R) permission attacks. The experimental results show that the hybrid intrusion detection algorithm based on K-means DT achieves a network attack detection accuracy of 99.2% and a network attack detection accuracy of 98.9% on the NSL-KDD dataset. Hybrid intrusion detection algorithms can effectively improve the accuracy of network intrusion detection (NID). The hybrid intrusion detection system proposed in this article performs well on different datasets and can effectively detect various types of network intrusion attacks, with better performance than other algorithms. The NSMS designed in this article can cope with constantly changing network threats.
XiongJXWuJZ. Dynamic mining of sensitive data streams in heterogeneous and complex information networks. Computer Engineering and Science. 2020; 42(4): 628-633.
2.
ZhangZX. Research on methods for obtaining sensitive data on social networks. Software Guide. 2018; 17(3): 56-58.
3.
AssenzaGLucaFGabrieleORobertoS. Cyber threats for operational technologies. International Journal of System of Systems Engineering. 2020; 10(2): 128-142. doi: 10.1504/IJSSE.2020.109127.
4.
NarwalBAmarKMKaleemAU. Towards a taxonomy of cyber threats against target applications. Journal of Statistics and Management Systems. 2019; 22(2): 301-325. doi: 10.1080/09720510.2019.1580907.
5.
JianSJLuZGDuDJiangBLiuBX. Overview of network intrusion detection technology. Journal of Information Security. 2020; 5(4): 96-122.
6.
ZhangWAHongZZhuJWChenB. Summary of network intrusion detection methods for industrial control systems. Control and Decision-Making. 2019; 34(11): 2277-2288.
7.
DingWTangJYCaoYDaiTChenHJXuAD, et al. Network security risk analysis and protection countermeasures of power grid information physical system. Power Information and Communication Technology. 2018; 16(9): 33-38.
8.
ShaoCL. Improvement and optimization of network security monitoring of power monitoring system. Water Conservancy And Electric Power Technology And Application. 2023; 5(2): 94-96.
9.
ZhangTM. Design and implementation of network security detection system. Wireless Interconnection Technology. 2018; 15(2): 37-38.
10.
HameedBilalHAnmarYTRaedKIAdnanHAYasserAH. Based on mesh sensor network: design and implementation of security monitoring system with Bluetooth technology. Indones J Electr Eng Comput. 2022; Sci 27(1): 1781-1790. doi: 10.11591/ijeecs.v26.i3.pp1781-1790.
11.
MohammadpourLeilaTeckCLCheeSLChunYC. A convolutional neural network for network intrusion detection system. Proceedings of the Asia-Pacific Advanced Network. 2018; 46(0): 50-55.
12.
GurungSandeepMirnalKGArojS. Deep learning approach on network intrusion detection system using NSL-KDD dataset. International Journal of Computer Network and Information Security. 2019; 11(3): 8-14. doi: 10.5815/ijcnis.2019.03.02.
13.
MaTNWangCPengLLGuoXFDuYGouQF, et al. Research on predictive analysis of energy consumption behavior of users of integrated energy systems under multi-source heterogeneous big data. Smart Power. 2018; 46(10): 86-95.
14.
LiJH. Research and development of power big data system based on improved K-means algorithm. Electronic Measurement Technology. 2018; 41(13): 23-28.
15.
WangLZouECZengCXiXFLuY. Spark-based big data clustering research and system implementation. Data Collection and Processing. 2018; 33(6): 1077-1085.
16.
LiQ. A power big data anomaly detection method based on improved PSO-PFCM clustering algorithm. Power System Protection And Control. 2021; 49(18): 161-166.
17.
WuHHaoJJLuYL. Research on distributed network intrusion detection system based on honey field in Internet of Things. Journal of Communication. 2024; 45(1): 106-118. doi: 10.11959/j.issn.1000-436x.2024020.
18.
XuZYYangXHWangYLiL. Network intrusion detection algorithm for unbalanced datasets. Journal of Jilin University (Information Science Edition). 2023; 41(6): 1112-1119.
19.
ZhangFXieFJiangJ. Overview of cyber threat security data visualization. Journal of Network and Information Security. 2018; 4(2): 34-39.
20.
ChangLWTianXXZhangYQQianYHHuZG. A network security posture assessment system based on multi-source heterogeneous data fusion. Journal of Intelligent Systems. 2021; 16(1): 38-47.
21.
ChenY. Research on network security situational awareness technology. Jiangsu Science and Technology Information. 2019; 36(3): 38-41.
22.
YangZYZhangSPSunH. Comprehensive analysis and risk research on the security of power system information physical network. Southern Energy Construction. 2020; 7(3): 6-22.
23.
SiddiqueKZahidAFarrukhAKYangwooK. KDD cup 99 data sets: A perspective on the role of data sets in network intrusion detection research. Computer. 2019; 52(2): 41-51. doi: 10.1109/MC.2018.2888764.
24.
HinganeMrSUmeshKL. A hybrid intrusion detection technique based on IRF and AODE for KDD-CUP 99 dataset. International Research Journal of Engineering and Technology. 2018; (IRJET) 5(6): 938-942.
25.
ShuklaAlokKPradeepS. Building an effective approach toward intrusion detection using ensemble feature selection. International Journal of Information Security and Privacy. 2019; (IJISP) 13(3): 31-47. doi: 10.4018/IJISP.201907010102.
26.
MohammedBEkhlasKG. Intrusion detection system for NSL-KDD dataset based on deep learning and recursive feature elimination. Engineering and Technology Journal. 2021; 39(7): 1069-1079.
27.
HanSASunLPYangYYWuWLGuoXXDaiCC, et al. A data cleaning method based on improved K-Means clustering and error feedback. Power Grid and Clean Energy. 2020; 36(7): 9-15.
28.
BullaChetanMMahanteshNB. Improved data-driven root cause analysis in a fog computing environment. International Journal of Intelligent Information Technologies. (IJIIT). 18(1): 1-28.
29.
IslamMohaiminulGuorongCShangzhuJ. An overview of neural network. American Journal of Neural Networks and Applications. 2019; 5(1): 7-11.
30.
StaufferJZhangQ. s2Cloud: A novel cloud-based precision health system for smart and secure IoT big data harnessing. Discov Internet Things. 2024; 4(3).
31.
HuS. Full target k-coverage retention at the boundary of smart sensor networks, Engineering Intelligent Systems. 2024; 32(2): 145-153.
32.
SunilKAchyutS. Cluster-based energy-efficient routing protocol in next generation sensor networks. Int J Grid Util Comput. 2024; 15(2): 181-197.
33.
XuXDWeiSVivekanandaGNAchyutS. Achieving concurrency in cloud-orchestrated Internet of Things for resource sharing through multiple concurrent access. Comput. 2024; Intell. 40(1).
34.
NguyenCuongDTrongHD. K-means**–a fast and efficient K-means algorithms. International Journal of Intelligent Information and Database Systems. 2018; 11(1): 27-45.
35.
XieBDongXYLiangHW. An intrusion detection algorithm based on three dynamic threshold K-means clustering. Journal of Zhengzhou University (Science Edition). 2020; 52(2): 64-70.
36.
MaZLDingXMLiuCJLiYQ. Keyframe extraction method based on DT clustering. Journal of Ludong University: Natural Science Edition. 2018; 34(2): 128-135.
