A Network Intrusion Detection System Framework based on Hadoop and GPGPU

In IT industry the business data grows exponentially, which results in concern to enhance the security system by implementing effective NIDS (Network Intrusion Detection System).The quick response to detecting intrusion an essential feature of any NIDS system, but due to the huge amount of data obtained from organizations which impacts the performance of NIDS. The reason could be of wide range like network speed, amount of data from servers, and an algorithm which directly or indirectly impact the performance. This paper deals with design consideration of NIDS framework which is based on Hadoop and GPGPU (General Purposed Graphical Processing Unit) approach. The proposed NIDS system handles network traffic through Hadoop Framework and intrusion detection functionality will carry-out by GPGPU. The proposed approach improves the NIDS performance and its capability is to provide quick response to various types of network attacks. We have configured our proposed system with Hadoop Data-platform along with its ecosystems to process large volume of network traffic. We apply NVidia CUDA technology (Compute Unified Device Architecture) the parallel programming model for intrusion detection. In our implementation phase we have analyzed Hadoop framework which is capable to process 1, 2 and 4 Giga bytes of server logs in efficient time of 29.86, 47.09 and 94.96 Seconds. We have further added analytics over intrusion by using PF-ICF (Pattern frequency Inverse cluster frequency) approach.