Distributed System for Real-Time Threat Detection Using Big Data
Fábio César Schuartz, Mauro Sérgio Pereira Fonseca, Anelise Munaretto Fonseca

DOI: 10.14209/sbrt.2017.265
Event: XXXV Simpósio Brasileiro de Telecomunicações e Processamento de Sinais (SBrT2017)
Abstract
Detecting threats on the Internet is a key factor in maintaining data and information security. An intrusion detection system tries to prevent such attacks from occurring by analyzing the patterns and behavior of the data flow in the network. This paper presents a distributed platform for detecting and analyzing data in a large stream, using classification algorithms running in stream processing units. The system architecture allows each classifier to work in parallel, and the results are grouped into a visualization interface that allows each unit to be monitored. The system is evaluated on accuracy and on the number of false positives and false negatives: each classifier achieved accuracy above 90% and, with the exception of the Naive Bayes algorithm, a reduced number of false positives and negatives, allowing the detection of real-time threats over a large volume of data.
