Parallel KNN and Neighborhood Classification Implementations on GPU for Network Intrusion Detection

Authors

  • Phuangpaka Kuttranont Applied Network Technology (ANT), Department of Computer Science, Khon Kaen University, Khon Kaen, Thailand.
  • Kobkun Boonprakob Applied Network Technology (ANT), Department of Computer Science, Khon Kaen University, Khon Kaen, Thailand.
  • Comdet Phaudphut Applied Network Technology (ANT), Department of Computer Science, Khon Kaen University, Khon Kaen, Thailand.
  • Songyut Permpol Applied Network Technology (ANT), Department of Computer Science, Khon Kaen University, Khon Kaen, Thailand.
  • Phet Aimtongkhamand Applied Network Technology (ANT), Department of Computer Science, Khon Kaen University, Khon Kaen, Thailand.
  • Urachart KoKaew Applied Network Technology (ANT), Department of Computer Science, Khon Kaen University, Khon Kaen, Thailand.
  • Boonsup Waikham Applied Network Technology (ANT), Department of Computer Science, Khon Kaen University, Khon Kaen, Thailand.
  • Chakchai So-In Applied Network Technology (ANT), Department of Computer Science, Khon Kaen University, Khon Kaen, Thailand.

Keywords:

Data Mining, GPU, Graphics Processing Unit, Intrusion Detection, k-Nearest-Neighbour, KDD CUP, Neighborhood, Network Security.

Abstract

With a rapid growth of Internet community making a practical usage of numbers of application used in many areas, i.e., research, commercial, industry, and even in military, there are millions of reports on attacks and attempts to invade the system online; and that phenomenon has led the essential of intrusion detection system (IDS). Data mining is one of the promising approaches to deal with large scale dataset including attack detection and recognition based on attack traces as an example from KDD CUP 1999. However, one of its key limitations is the computational complexity, and thus, this research investigates the possibility to integrate parallel processing to enhance the detection speed-up implemented on NVIDIA CUDA GPU. Several proposals have focused on kNearest Neighbour (KNN) as one of the promising approaches due to its key advantage of simplicity and high precision; however, in addition to KNN evaluation, this research also proposes the integration of a simplified neighborhood classification (Neighborhood) using the percentage instead of group ranking resulting in higher accuracy gain with insignificantly increase of computational complexity trade-off.

References

Atzori, L. Iera, A. and Morabito, G. 2010. The Internet of Things: A survey. Computer Networks. 54(15): 2787–2805.

Mukherjee, B. Heberlein, L.T. and Levitt, K.N. 1994. Network intrusion detection. IEEE Network. 8(3): 26–41.

Chen, P.Y. Cheng, S.M. and Chen, K.C. 2014. Information Fusion to Defend Intentional Attack in Internet of Things. IEEE Internet of Things Journal. 1(4): 337–348.

Symantec Corporation. 2014. INTERNET SECURITY THREAT REPORT 2014. 19.[www.symantec.com/content/en/us/enterprise/other_resources/bistr_main_report_v19_21291018.en-us.pdf]

McAfee. 2014. Net Losses: Estimating the Global Cost of Cybercrime [www.mcafee.com/mx/resources/reports/rp-economic-impactcybercrime2.pdf]

Butun, I. Morgera, S.D. and Sankar, R. 2014. A Survey of Intrusion Detection Systems in Wireless Sensor Networks. IEEE Communication Surveys & Tutorials. 16(1): 266–282.

Liao, H.J. Lin, C.H.R. Lin, Y.C. and Tung, K.Y. 2013. Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications. 36(1): 16–24.

Julisch, K. 2002. Data Mining for Intrusion Detection. Application of Data Mining in Computer Security, Advances in Information Security. 6: 33–62.

Helali, R.G.M. 2010. Data Mining Based Network Intrusion Detection System: A Survey. Novel Algorithms and Techniques in Telecommunications and Networking. 501–505.

Vaarandi, R. 2009. Real-time classification of IDS alerts with data mining techniques. Proc. IEEE International Conference on Military Communications. 1–7.

Gianfelici, F. Turchetti, C. and Crippa, P. 2007. Efficient Classification of Chaotic Signals with Application to Secure Communications. Proc. IEEE International Conference on on Acoustics, Speech, and Signal Processing. 1073–1076.

Wu, X. Kumar, V. Quinlan, J.R. Ghosh, J. Yang, Q. Motoda, H. McLachlan, G.J. Ng, A. Liu, B. Yu, P.S. Zhou, Z. Steinbach, M. Hand, D.J. and Steinberg, D. 2008. Top 10 algorithms in data mining. Knowledge and Information Systems Journal. 14(1): 1–37.

Wagh, S.K. Pachghare, V.K. and Kolhe, S.R. 2013. Survey on Intrusion Detection System using Machine Learning Techniques. International Journal of Computer Applications, 78(16): 30–37.

So-In, C. Mongkonchai, N. Aimtongkham, P. Wijitsopon, K. and Rujirakul, K. 2014. An Evaluation of Data Mining Classification Models for Network Intrusion Detection. Proc. International Conference on Digital Information and Communication Technology and its Applications. 90–94.

Bhatia, N. and Vandana. 2010. Survey of Nearest Neighbor Techniques. International Journal of Computer Science and Information Security. 8(2): 302–305.

Hu, Q. Yu, D. and Xie, Z. 2008. Neighborhood classifiers. Expert Systems with Applications. 34(2): 886–876.

Kirk, D.B. and Hwu, W.W. 2010. Programming Massively Parallel Processors: A Hands-on Approach. Morgan Kaufmann. 280 pp.

Wilt, N. 2013. CUDA Handbook: A Comprehensive Guide to GPU Programming. Addison-Wesley Professional. 528 pp.

Navarro, C.A. Hitschfeld-kahler, N. and Mateu, L. 2014. A Survey on Parallel Computing and its Applications in Data-Parallel Problems Using GPU Architectures. Communications in Computational Physics. 15(2): 285–329.

Shi, L. Liu, W. Zhang, H. Xie, Y. and Wang, D. 2012. A survey of GPU-based medical image computing techniques. Quantitative Imaging in Medicine and Surgery. 2(3): 188–206.

So-In, C. Poolsanguan, S. Poonriboon, C. Rujirakul, K. and Phaudphut, C. 2013. Performance Evaluation of Parallel AES Implementations over CUDA GPU Framework. International Journal of Digital Content Technology and its Applications. 7(5): 501–511.

Garcia, V. Debreuve, E. and Barlaud, M. 2008. Fast k nearest neighbor search using GPU. Proc. IEEE Conference on Computer Vision and Pattern Recognition Workshops. 1–6.

Kuang, Q. and Zhao, L. 2009. A Practical GPU Based KNN Algorithm. Proc. Symposium International Computer Science and Computational Technology. 151–155.

Kikam, V.B. and Meshram, B.B. 2014. PARALLEL kNN ON GPU ARCHITECTURE USING OpenCL. International Journal of Research in Engineering and Technology. 3(10): 367–372.

Patel, S. and Sondhi, J. 2014. A Review of Intrusion Detection Technique using Various Technique of Machine Learning and Feature Optimization Technique. International Journal of Computer Applications. 93(14): 43–47.

Jian, L. Wang, C. Liu, Y. Liang, S. Yi, W. and Shi, Y. 2013. Parallel data mining techniques on Graphics Processing Unit with Compute Unified Device Architecture (CUDA). The Journal of Supercomputing. 64(3): 942–967.

KDD CUP 1999 Data. [kdd.ics.uci.edu/databases/kddcup99/kddcup99.html].

J. Schneider, “Cross Validation”. [www.cs.cmu.edu/~schneide/tut5/node42.html].

H. Hamilton, “Confusion Matrix” [www2.cs.uregina.ca/~dbd/cs831/notes/confusion_matrix/confusion_matrix.html].

Geforce GTX 750 TI Dataset. [www.nvidia.com/gtx-700-graphics-cards/gtx-750ti/].

Downloads

Published

2017-06-01

How to Cite

Kuttranont, P., Boonprakob, K., Phaudphut, C., Permpol, S., Aimtongkhamand, P., KoKaew, U., Waikham, B., & So-In, C. (2017). Parallel KNN and Neighborhood Classification Implementations on GPU for Network Intrusion Detection. Journal of Telecommunication, Electronic and Computer Engineering (JTEC), 9(2-2), 29–33. Retrieved from https://jtec.utem.edu.my/jtec/article/view/2215

Most read articles by the same author(s)