Evaluation of Distributed Intrusion Detection System Based on MongoDB


KIPS Transactions on Computer and Communication Systems, Vol. 8, No. 12, pp. 287-296, Dec. 2019
DOI: 10.3745/KTCCS.2019.8.12.287
Keywords: Big data, Intrusion Detection System, MongoDB, Cloud computing, Distributed Processing
Abstract

Due to the development and increased use of Internet services such as IoT and cloud computing, a large number of packets are being generated on the Internet. To create a safe Internet environment, malicious data that may exist among these packets must be processed and detected quickly. In this paper, we apply MongoDB, which is specialized for unstructured data analysis and big data processing, to an intrusion detection system (IDS) for rapid processing of big-data security events. In addition, by building the IDS from part of the private cloud resources that are the target of protection, the IDS can be elastically and dynamically reconfigured as the number of security events increases or decreases. To evaluate the performance of the MongoDB-based IDS proposed in this paper, we constructed prototype IDSs based on MongoDB and on an existing relational database and compared their performance. Moreover, we increased the number of virtual machines to observe how performance changes as the IDS is distributed. The results show that, in the MongoDB environment, performance improves as the number of virtual machines is increased to distribute the IDS, while the overall system performance is kept unchanged. The security event input rate of the distributed MongoDB-based IDS was as much as 60% faster, and its intrusion detection rate was up to 100% faster, than those of the IDS based on a relational database.



Cite this article
[IEEE Style]
H. Han, H. Kim, Y. Kim, "Evaluation of Distributed Intrusion Detection System Based on MongoDB," KIPS Transactions on Computer and Communication Systems, vol. 8, no. 12, pp. 287-296, 2019. DOI: 10.3745/KTCCS.2019.8.12.287.

[ACM Style]
HyoJoon Han, HyukHo Kim, and Yangwoo Kim. 2019. Evaluation of Distributed Intrusion Detection System Based on MongoDB. KIPS Transactions on Computer and Communication Systems, 8, 12, (2019), 287-296. DOI: 10.3745/KTCCS.2019.8.12.287.