A novel approach in detecting intrusions using NSLKDD database and MapReduce programming

Due to the increasing usage of the cloud computing architecture, computer systems are facing many security challenges that render sensitive data visible and available to be counterfeited by malicious users and especially intruders. Log files are generated at every level of the computing infrastructure and represent a valuable source of information in detecting attacks. The main goal of this work is the identifiction and prediction of attacks and malicious behaviors by analyzing, classifying and labeling recorded activities in log files. This paper uses MapReduce programming to prior each user behavior, it also employs K-Means algorithm to cluster unknown events and K-NN supervised learning on NSLKDD database to define unlabelled classes.