A Cooperative and Hybrid Network Intrusion Detection Framework in Cloud Computing Based on Snort and Optimized Back Propagation Neural Network

A Cooperative and Hybrid Network Intrusion Detection Framework in Cloud Computing Based on Snort and Optimized Back Propagation Neural Network

Available online at www.sciencedirect.com ScienceDirect Procedia Computer Science 83 (2016) 1200 – 1206 7KHQG,QWHUQDWLRQDO:RUNVKRSRQ0RELOH&OR...

413KB Sizes 0 Downloads 63 Views

Available online at www.sciencedirect.com

ScienceDirect Procedia Computer Science 83 (2016) 1200 – 1206

7KHQG,QWHUQDWLRQDO:RUNVKRSRQ0RELOH&ORXG&RPSXWLQJ6\VWHPV0DQDJHPHQWDQG 6HFXULW\ 0&606  

$&RRSHUDWLYHDQG+\EULG1HWZRUN,QWUXVLRQ'HWHFWLRQ)UDPHZRUN LQ&ORXG&RPSXWLQJ%DVHGRQ6QRUWDQG2SWLPL]HG%DFN 3URSDJDWLRQ1HXUDO1HWZRUN =&KLED 1$EJKRXU.0RXVVDLG$(ORPUL05LGD 7HDPRI0RGHOLQJDQG2SWLPL]DWLRQRIPRELOHVHUYLFHV)DFXOW\RI6FLHQFHV+DVVDQ,,8QLYHUVLW\RI&DVDEODQFD&DVDEODQFD0RURFFR

$EVWUDFW &ORXG FRPSXWLQJ SURYLGHV D IUDPHZRUN IRU VXSSRUWLQJ HQG XVHUV HDVLO\ DWWDFKLQJ SRZHUIXO VHUYLFHV DQG DSSOLFDWLRQV WKURXJK ,QWHUQHW7RJLYHVHFXUHDQGUHOLDEOHVHUYLFHVLQFORXGFRPSXWLQJHQYLURQPHQWLVDQLPSRUWDQWLVVXH3URYLGLQJVHFXULW\UHTXLUHV PRUH WKDQ XVHU DXWKHQWLFDWLRQ ZLWK SDVVZRUGV RU GLJLWDO FHUWLILFDWHV DQG FRQILGHQWLDOLW\ LQ GDWD WUDQVPLVVLRQ EHFDXVH LW LV YXOQHUDEOHDQGSURQHWRQHWZRUNLQWUXVLRQVWKDWDIIHFWFRQILGHQWLDOLW\DYDLODELOLW\DQGLQWHJULW\ RI&ORXGUHVRXUFHVDQGRIIHUHG VHUYLFHV 7R GHWHFW 'R6 DWWDFN DQG RWKHU QHWZRUNOHYHO PDOLFLRXVDFWLYLWLHVLQ &ORXG XVH RI RQO\ WUDGLWLRQDO ILUHZDOOLV QRW DQ HIILFLHQWVROXWLRQ,QWKLVSDSHUZHSURSRVHDFRRSHUDWLYHDQGK\EULGQHWZRUNLQWUXVLRQGHWHFWLRQ V\VWHP &+1,'6 WRGHWHFW QHWZRUNDWWDFNVLQWKH&ORXGHQYLURQPHQWE\PRQLWRULQJQHWZRUNWUDIILFZKLOHPDLQWDLQLQJSHUIRUPDQFHDQGVHUYLFHTXDOLW\,Q RXU1,'6IUDPHZRUNZHXVH6QRUWDVDVLJQDWXUHEDVHGGHWHFWLRQWRGHWHFWNQRZQDWWDFNVZKLOHIRUGHWHFWLQJQHWZRUNDQRPDO\ ZHXVH%DFN3URSDJDWLRQ1HXUDOQHWZRUN %31 %\DSSO\LQJVQRUWSULRUWRWKH%31FODVVLILHU%31KDVWRGHWHFWRQO\XQNQRZQ DWWDFNV 6R GHWHFWLRQ WLPH LV UHGXFHG 7R VROYH WKH SUREOHP RI VORZ FRQYHUJHQFH RI %31 DQG EHLQJ HDV\ WR IDOO LQWR ORFDO RSWLPXPZHSURSRVHWRRSWLPL]HWKHSDUDPHWHUVRILWE\XVLQJDQRSWLPL]DWLRQDOJRULWKPLQRUGHUWRHQVXUHKLJKGHWHFWLRQUDWH KLJKDFFXUDF\ORZIDOVHSRVLWLYHVDQGORZIDOVHQHJDWLYHVZLWKDIIRUGDEOHFRPSXWDWLRQDOFRVW,QDGGLWLRQLQWKLVIUDPHZRUNWKH ,'6V RSHUDWH LQ FRRSHUDWLYH ZD\ WR RSSRVH WKH 'R6 DQG ''R6 DWWDFNV E\ VKDULQJ DOHUWV VWRUHG LQ FHQWUDO ORJ ,Q WKLV ZD\ XQNQRZQDWWDFNVWKDWZHUHGHWHFWHGE\DQ\,'6FDQHDVLO\EHGHWHFWHGE\RWKHUV,'6V7KLVDOVRKHOSVWRUHGXFHFRPSXWDWLRQDO FRVWIRUGHWHFWLQJLQWUXVLRQVDWRWKHUV,'6DQGLPSURYHGHWHFWLRQUDWHLQRYHUDOOWKH&ORXGHQYLURQPHQW ‹7KH$XWKRUV3XEOLVKHGE\(OVHYLHU%9 © 2016 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). 3HHUUHYLHZXQGHUUHVSRQVLELOLW\RIWKH&RQIHUHQFH3URJUDP&KDLUV Peer-review under responsibility of the Conference Program Chairs .H\ZRUGV&ORXGFRPSXWLQJ1HWZRUNLQWUXVLRQGHWHFWLRQ%DFNSURSDJDWLRQQHXUDOQHWZRUN6QRUW2SWLPL]DWLRQDOJRULWKP

  =RXKDLU&KLED7HO (PDLODGGUHVVFKLED]RXKDLU#JPDLOFRP

1877-0509 © 2016 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). Peer-review under responsibility of the Conference Program Chairs doi:10.1016/j.procs.2016.04.249

Z. Chiba et al. / Procedia Computer Science 83 (2016) 1200 – 1206

,QWURGXFWLRQ

1201



&ORXGFRPSXWLQJ && LVUDSLGO\JURZLQJFRPSXWDWLRQDOPRGHOLQWRGD\µV,7ZRUOG,WGHOLYHUVFRQYHQLHQWRQ GHPDQG QHWZRUN DFFHVV WR D VKDUHG SRRO RI FRQILJXUDEOH FRPSXWLQJ UHVRXUFHV HJ 1HWZRUNV VHUYHUV VWRUDJH DSSOLFDWLRQVHWF ³DVVHUYLFH´RQWKHLQWHUQHWIRUVDWLVI\LQJFRPSXWLQJGHPDQGRIXVHUV $UHFHQWVXUYH\SHUIRUPHGE\&ORXG6HFXULW\$OOLDQFH &6$  ,(((LQGLFDWHVWKDWHQWHUSULVHVDFURVVVHFWRUV DUHHDJHUWRDGRSWFORXGFRPSXWLQJEXWWKDWVHFXULW\DUHQHHGHGERWKWRDFFHOHUDWHFORXGDGRSWLRQRQDZLGHVFDOH DQG WR UHVSRQG WR UHJXODWRU\ GULYHUV 2QH RI PDMRU VHFXULW\ LVVXHV LQ &ORXG LV WR GHWHFW DQG SUHYHQW QHWZRUN LQWUXVLRQV VLQFH WKH QHWZRUN LV WKH EDFNERQH RI &ORXG DQG KHQFH YXOQHUDELOLWLHV LQ QHWZRUN GLUHFWO\ DIIHFW WKH VHFXULW\RI&ORXG/0DUWLIURP&\EHU6HFXULW\GLYLVLRQVWDWHGWKDWPDLQFRQFHUQDIWHUGDWDVHFXULW\LVDQLQWUXVLRQ GHWHFWLRQDQGSUHYHQWLRQLQWKH&ORXG 7KHUHDUHSULQFLSDOO\WZRW\SHVRIWKUHDGVLQVLGHU DWWDFNHUVZLWKLQD&ORXGQHWZRUN DQGRXWVLGHU DWWDFNHUVRXWVLGH WKH&ORXGQHWZRUN FRQVLGHUHGLQ&ORXG1HWZRUN x ,QVLGHU DWWDFNHUV $XWKRUL]HG &ORXG XVHUV PD\ DWWHPSW WR JDLQ DQG PLVXVH  XQDXWKRUL]HG SULYLOHJHV ,QVLGHUVPD\FRPPLWIUDXGVDQGGLVFORVHLQIRUPDWLRQWRRWKHU RUPRGLI\LQIRUPDWLRQLQWHQWLRQDOO\ 7KLV SRVHVDVHULRXVWUXVWLVVXH)RUH[DPSOHDQLQWHUQDO'R6DWWDFNGHPRQVWUDWHGDJDLQVWWKH$PD]RQ(ODVWLF &RPSXWH&ORXG (&  x 2XWVLGHUDWWDFNHUV FDQ EH FDOOHG DVWKHQHWZRUN DWWDFNHUVZKR DUHDEOH WR SHUIRUP GLIIHUHQWDWWDFNV DV ,3 VSRRILQJ $GGUHVV 5HVROXWLRQ 3URWRFRO $53 VSRRILQJ  '16 SRLVRQLQJ PDQLQWKHPLGGOH 'HQLDO RI 6HUYLFH 'RV 'LVWULEXWHG 'HQLDO RI VHUYLFH ''R6  DWWDFNV SKLVKLQJ DWWDFN XVHU WR URRW DWWDFN 3RUW VFDQQLQJ DWWDFN RQ YLUWXDO PDFKLQH 90  RU K\SHUYLVRU VXFK %/8(3,// DQG '.60 WKURXJK ZKLFK KDFNHUV FDQ EH DEOH WR FRPSURPLVH LQVWDOOHGK\SHUYLVRU WR JDLQ FRQWURO RYHU WKH KRVW %DFNGRRU FKDQQHO DWWDFNVHWF 7KHVH DWWDFNV DIIHFW WKH LQWHJULW\ FRQILGHQWLDOLW\ DQG DYDLODELOLW\ RI &ORXGUHVRXUFHV DQG RIIHUHG VHUYLFHV 7R DGGUHVV DERYH LVVXHV PDMRU &ORXG SURYLGHUV OLNH $PD]RQ (&& :LQGRZ $]XUH 5DFN 6SDFH (XFDO\SWXV 2SHQ 1HEXODHWF XVHWKHILUHZDOO)LUHZDOOSURWHFWVWKHIURQWDFFHVVSRLQWVRIV\VWHPDQGLVWUHDWHGDVWKHILUVWOLQHRI GHIHQVH$VILUHZDOOVQLIIVWKHQHWZRUNSDFNHWVRQO\DWWKHERXQGDU\RIDQHWZRUNLQVLGHUDWWDFNVFDQQRWEHGHWHFWHG E\LW)HZ'R6RU''R6DWWDFNVDUHWRRFRPSOH[WRGHWHFWXVLQJWUDGLWLRQDOILUHZDOO)RUH[DPSOHLIWKHUHLVDQ DWWDFNRQSRUW ZHEVHUYLFH ILUHZDOOFDQQRWGLIIHUHQWLDWHQRUPDODQGOHJLWLPDWHWUDIILFIURP'R6DWWDFNWUDIILF  7KXV XVH RI RQO\ WUDGLWLRQDO ILUHZDOO WR EORFN DOOWKH LQWUXVLRQVLVQRWDQ HIILFLHQW VROXWLRQ $QRWKHU VROXWLRQ LV WR GHSOR\QHWZRUNEDVHGLQWUXVLRQGHWHFWLRQV\VWHP 1,'6 LQ&ORXGFRPSXWLQJ1,'6FDSWXUHVWKHQHWZRUNSDFNHWV DQGDSSOLHVLQWUXVLRQGHWHFWLRQWHFKQLTXHVRQFDSWXUHGSDFNHWVLQRUGHUWRGHWHFWQHWZRUNVDWWDFNV   2XUFRQWULEXWLRQ  :HSURSRVHDQHZVHFXULW\ IUDPHZRUNWKDW LQWHJUDWHVDFRRSHUDWLYHDQGK\EULG1,'6WR&ORXG RIIHULQJ,DDV  :HGHSOR\RXU&+1,'6DWWKH)URQWHQGRQ&ORXG&RQWUROOHUDVZHOODVDWRQ%DFNHQGRQHDFKSURFHVVLQJVHUYHU KRVWLQJ 90  LQ RUGHU WR GHWHFW ERWK LQWHUQDO DQG H[WHUQDO QHWZRUN LQWUXVLRQV LQ &ORXG (QYLURQPHQW ,Q WKLV IUDPHZRUNZHXVHERWKWKHWHFKQLTXHVVLJQDWXUHEDVHGGHWHFWLRQDQGDQRPDO\EDVHGGHWHFWLRQ6QRUWDVDVLJQDWXUH EDVHG GHWHFWLRQ LV XVHGWR GHWHFW NQRZQ DWWDFNV ZKLOH IRUGHWHFWLQJQHWZRUN DQRPDO\ ZH XVH DQ RSWLPL]HG %DFN 3URSDJDWLRQ1HXUDOQHWZRUN %31 6HYHUDOUHVHDUFKHUVXVHG%31DSSURDFKIRUGHWHFWLRQLQWUXVLRQDWWDFNVEHFDXVH LW KDV VKRZQ JRRG FDSDELOLW\ LQ GHWHFWLQJ DWWDFNV %XW DFFRUGLQJ WR PDQ\ UHVHDUFKHV %31 KDV WKH IROORZLQJ ZHDNQHVVHV x 6ORZGHWHFWLRQVSHHG x /RZGHWHFWLRQDFFXUDF\ x (DV\WRIDOOLQWRORFDOPLQLPXPYDOXH x 6ORZFRQYHUJHQFHVSHHG ,QRUGHUWRVROYHWKHSUREOHPVDERYHZHSURSRVHWRRSWLPL]HWKH%31E\XVLQJDQRSWLPL]DWLRQDOJRULWKP &RPELQLQJ VLJQDWXUH EDVHG GHWHFWLRQ DQG DQRPDO\ GHWHFWLRQ LQ RXU 1,'6 PRGXOH LPSURYHV GHWHFWLRQ DFFXUDF\ VLQFH WKH\ DUH FRPSOLPHQWLQJ HDFK RWKHU ,Q DGGLWLRQ WKH VLJQDWXUH EDVHG GHWHFWLRQ WHFKQLTXH LV DSSOLHG SULRU WR DQRPDO\ GHWHFWLRQ ZKLFK UHGXFHV WKH FRPSXWDWLRQDO FRVW %31 FODVVLILHU KDV WR GHWHFW RQO\ XQNQRZQ DWWDFNV EHFDXVHNQRZQDWWDFNVDUHDOUHDG\GHWHFWHGE\6QRUWDQGGHQLHG%\XVLQJFHQWUDOORJRIPDOLFLRXVSDFNHWVGHWHFWHG

1202

Z. Chiba et al. / Procedia Computer Science 83 (2016) 1200 – 1206

1,'6SODFHGRQDOOWKHVHUYHUVZRUNLQFRRSHUDWLYHPDQQHUWKH\XSGDWHWKHLUEDVHV NQRZOHGJHEDVHDQGEHKDYLRU EDVH E\JHWWLQJDOHUWVVWRUHGLQWKHFHQWUDOORJ6RDQ\XQNQRZQDWWDFN WKDWZDVSUHYLRXVO\GHWHFWHGDWDQ\VHUYHU  FDQEHHDVLO\GHWHFWHGE\6QRUWDWRWKHUVHUYHUV7KLVDOVRKHOSVWRUHGXFHFRPSXWDWLRQDOFRVWIRUGHWHFWLQJLQWUXVLRQV DW RWKHU VHUYHUV DQG LPSURYH GHWHFWLRQ UDWH LQ RYHUDOO WKH &ORXG 2XU PDLQ DLP LV WR UHGXFH LPSDFW RI QHWZRUN DWWDFNV NQRZQ DWWDFNV DQG XQNQRZQ DWWDFNV  ZKLOH HQVXULQJ KLJKHU GHWHFWLRQ UDWH ORZHU IDOVH SRVLWLYH UDWH DQG ORZHUIDOVHQHJDWLYHUDWHZLWKDQDIIRUGDEOHFRPSXWDWLRQDOFRVW 7KH UHVW RI WKLV SDSHU LV RUJDQL]HG DV IROORZV 6HFWLRQ  GLVFXVVHV H[LVWLQJ 1,'6 DSSURDFKHV WR &ORXG $ GHWDLOHGGHVFULSWLRQRIWKHSURSRVHGIUDPHZRUNLVGLVFXVVHG LQVHFWLRQ6HFWLRQVXPPDULHVWKHFRQFOXVLRQVDQG IXWXUHZRUNZLWKWKHUHIHUHQFHVDWWKHHQG  5HODWHG:RUNV  &&/RHWDOSURSRVHGWRGHSOR\LQGLYLGXDO1,'6PRGXOHLQHDFK&ORXGUHJLRQ,QFDVHRILQWUXVLRQGHWHFWLRQ LWGURSVWKHDWWDFNHU¶VSDFNHWDQGWKHQVHQGVDOHUWPHVVDJHVWRRWKHUUHJLRQVXVLQJDJHQWV$WHDFKUHJLRQDQDOHUW SURGXFHG E\ RWKHU UHJLRQV DUH JDWKHUHG WR GHWHUPLQH ZKHWKHU LW LV WUXH RU IDOVH 7KLV LV GRQH E\ FDOFXODWLQJ WKH VHYHULW\ RI DQ DOHUW 7KHVH DSSURDFKHV DUH FRQYHQLHQW IRU SUHYHQWLQJ &ORXG IURP ''R6 DWWDFN +RZHYHU WKH FRPSXWDWLRQDODQGFRPPXQLFDWLRQHIIRUWLVDXJPHQWHG 10RGL HW DO KDYH LQWHJUDWHG D VLJQDWXUH $SULRUL EDVHG 1,'6 WR &ORXG 6LJQDWXUH $SULRUL WDNHV QHWZRUN SDFNHWV DQG NQRZQ DWWDFN VLJQDWXUHV DV LQSXW DQG JHQHUDWHV QHZ GHULYHG UXOHV WKDW DUH XSGDWHG LQ WKH 6QRUW 7KHUHIRUH 6QRUW LV DEOH WR GHWHFW NQRZQ DWWDFNV DQG GHULYDWLYH RI NQRZQ DWWDFNV LQ WKH &ORXG 7KLV DSSURDFK LPSURYHVWKHHIILFLHQF\RI6QRUW+RZHYHULWFDQQRWGHWHFWXQNQRZQDWWDFNV 0DQWKLUD 0RRUWK\ 6 HW DO KDYH SURSRVHG VHFXULW\ DUFKLWHFWXUH IRU FORXG LQ ZKLFK D YLUWXDO KRVW EDVHG LQWUXVLRQ GHWHFWLRQ V\VWHP ZDV SODFHG EHWZHHQ URXWHU DQG &ORXG KRVW 7KH GHYHORSHG ,'6 FRQVLVWV RI WKUHH FRPSRQHQWV QDPHO\ (YHQW $XGLWRU ,'6 VHUYLFH FRPELQDWLRQ RI DQDO\]H V\VWHP DQG $OHUW V\VWHP  DQG &,'' &ORXG ,QWUXVLRQ 'HWHFWLRQ 'DWD 6HWV  7KH DQDO\]HU V\VWHP H[DPLQHV WKH FRQWHQW RI SDFNHW DJDLQVW WKH FORXG LQWUXVLRQ GDWDVHWV VLJQDWXUHV VWRUHG LQ &,'' E\ PHDQV RI SDWWHUQ PDWFKLQJ 7KH H[SHULPHQWV FRQGXFWHG E\ WKH DXWKRUV VKRZ WKDW WKHSURSRVHG ,'6 ZDV DEOH WRGHWHFW  RI UDQGRP VHWV RI FORXG DWWDFNV DQGQR IDOVH SRVLWLYH DODUPLVUDLVHGZKLOHILOWHULQJEDFNJURXQGWUDIILFUHFHLYHGIRUP'$53$GDWDVHW+RZHYHUUHVXOWVVKRZWKDWODWHQF\ LQ,'6LVLQFUHDVLQJDFFRUGLQJWREDFNJURXQGWUDIILFDQGDEUHDNLQJSRLQWZDVLGHQWLILHGDWPESVLQZKLFKWKH ,'6JHQHUDWHGDQHUURUDQGVWRSSHG7KHUHIRUHDQXQVWDEOHLQWHUYDOZDVGHWHUPLQHGEHWZHHQWRPESV -DLPLQ..KDWULDQG*LULVK.KLODULKDYHSURSRVHGDQDUFKLWHFWXUHZKLFKSURYLGHVLPSOHPHQWDWLRQRI6HULFDWD ,'6 DV QHWZRUN ,'6 LQ WKH EDFNHQG RI &ORXG HQYLURQPHQW 7KH DLP RI 6HULFDWD ,'6 LV WR VHFXUH WKH YLUWXDOL]HG VHUYHUVRQK\SHUYLVRUVLQWKHFORXGSODWIRUPIURPDWWDFNHUVDQGYDULRXVWKUHDWV7KHPDLQIXQFWLRQRI6HULFDWD,'6 LQWKHQHWZRUNLVFDSWXULQJRIDOOFRPLQJSDFNHWVIURPH[WHUQDOXVHUVDQGGHVWLQHGWRYLUWXDOL]HGVHUYHUVDQDO\]LQJ WKHVH SDFNHWV DQG ILQDOO\ VHQGLQJ DOHUWLI D SDFNHW LVPDWFKLQJ RQH RI UXOHV VWRUHG LQWR 6HULFDWD FRQILJXUDWLRQ ILOH +RZHYHUWKHSURSRVHGPRGHOFDQ¶WGHWHFWLQVLGHUDWWDFNVQHWZRUNLQWUXVLRQVLQYLUWXDOQHWZRUNDVZHOODVNQRZQ DWWDFNV 6DQFKLND *XSWD DQG 3DGDP .XPDU KDYH SURSRVHG DQ DSSURDFK WR GHWHFW PDOLFLRXV SURJUDP H[HFXWLRQV DW FOLHQW90¶VLQ&ORXGHQYLURQPHQWZLWKWKHXVHRIDQHZWHFKQLTXHRI,PPHGLDWH6\VWHP&DOOVLJQDWXUHGHWHFWLRQ ,QWKLVDSSURDFKIRUHYHU\XQLTXH6\VWHP&DOO XVHUSURJUDPRUV\VWHPSURJUDP WKHOLVWRIDOO,PPHGLDWH6\VWHP &DOOVIROORZLQJLWLVLGHQWLILHGDQGFUHDWHGIURPLWVQRUPDOH[HFXWLRQORJVDQGVXFKVLJQDWXUHVDUHVWRUHGDQGWKHQ XVHGDVEDVHOLQHIRUDQRPDORXVSURJUDPGHWHFWLRQV7KLVPHWKRGLVEDVHGRQWKHIDFWWKDWZKHQHYHUWKHSURJUDPLV VXEYHUWHGRULVH[HFXWHGLQDPDOLFLRXVZD\RQDFOLHQWLWFDXVHVDGHYLDWLRQLQWKH,PPHGLDWH6\VWHP&DOOVHTXHQFH SDWWHUQFRUUHVSRQGLQJWRHDFKXQLTXH6\VWHP&DOOV7KLVGHYLDWLRQFDQHDVLO\EHGHWHFWHGDQGORJJHGIRUJHQHUDWLQJ DOHUWVWR&ORXG$GPLQ&ORXGDGPLQWKHQUHDFWRQLWHLWKHUE\XQLQVWDOOLQJWKHPDOLFLRXVVRIWZDUHIURPFOLHQWRUE\ UHSODFLQJ WKH VRIWZDUH ZLWK LWV YDOLG UHSOLFD +RZHYHU WKH GHWHFWLRQ RI PDOLFLRXV SURJUDPV LV QRW LQ UHDO WLPH EHFDXVH RI WKH SHULRGLF QDWXUH RI WKH SURSRVHG DQRPDO\ GHWHFWLRQ PRGXOH ,Q DGGLWLRQ WKH GHWHFWLRQ PRGXOH FDQ GHWHFWRQO\VXEYHUVLRQVRISURJUDPVZKRVHWKHVLJQDWXUHVRIWKHLULPPHGLDWHV\VWHPFDOOVDUHDOUHDG\JHQHUDWHGDQG DOVRWKHUHDFWLRQWRDQDWWDFNLVQRWDXWRPDWLFLWLVGHFLGHGE\WKHFORXGDGPLQ %$O±6KDGDLIDWHWDOKDYHSURSRVHGDQDQRPDO\LQWUXVLRQGHWHFWLRQPRGHOWRGHDOZLWKDWWDFNVDQGVHFXULW\ YLRODWLRQV LQ FORXG HQYLURQPHQW7KH SURSRVHG DSSURDFK FRQVLVWV RI +RSHILHOG $UWLILFLDO 1HWZRUN DQG 6LPXODWLQJ $QQHDOLQJDVDJJUHJDWRU7KHIUDPHZRUNIRUDQRPDO\,'6LVGLYLGHGLQWRWKUHHVWDJHV'DWDVHW*URXSLQJ+RSILHOG $UWLILFLDO1HXUDO1HWZRUN +$11 DQG6LPXODWLQJ$QQHDOLQJDJJUHJDWRU$FFRUGLQJWRH[SHULPHQWVSHUIRUPHGE\

1203

Z. Chiba et al. / Procedia Computer Science 83 (2016) 1200 – 1206

DXWKRUV WKH SURSRVHG PRGHO SURYLGHV D GHWHFWLRQ UDWH   ZKLFK FDQ EH FRQVLGHUHG DV D ZHDN GHWHFWLRQ UDWH FRPSDUHG ZLWK PHWKRGV LQ    )RU JDLQ EHWWHU GHWHFWLRQ UDWH PRUH HQKDQFHPHQWV PXVW EH FRQGXFWHG E\ H[SORULQJWKHLPSDFWRIQHWZRUNIHDWXUHVLQGHWHFWLRQUDWH 2XUSURSRVHGIUDPHZRUNSURYLGHVVROXWLRQWROLPLWDWLRQVH[LVWLQJLQWKHVHDSSURDFKHVDQGRWKHUV UHVHDUFKHV ,Q WKLV SDSHU ZH SURSRVH D FRRSHUDWLYH DQG K\EULG DSSURDFK WKDW FRPELQHV WZR QHWZRUN LQWUXVLRQ GHWHFWLRQ WHFKQLTXHV VLJQDWXUH EDVHG GHWHFWLRQ DQG DQRPDO\ GHWHFWLRQ ,Q PLVXVH GHWHFWLRQ ZH HPSOR\ 6QRUW ZKHUHDV LQ DQRPDO\ GHWHFWLRQ ZH XVH %DFN3URSDJDWLRQ QHXUDO QHWZRUN GHWHFWRU RSWLPL]HG E\ DQ RSWLPL]DWLRQ DOJRULWKPWRJHWWKHRSWLPDOFRQQHFWLRQVZHLJKWVRI%137KHUHIRUHWKHGHWHFWLRQDFFXUDF\DQGHIILFLHQF\RI%13 GHWHFWRUZLOOEHLPSURYHG  &+1,'6LQWKH&ORXG&RRSHUDWLYHDQG+\EULG6HFXULW\)UDPHZRUN   ,QWHJUDWLQJ1,'6LQFORXGGDWDFHQWHU  7KHDLPRIWKHSURSRVHG&+1,'6LVWRGHWHFWDQ\YLRODWLRQRIWKHVHFXULW\SROLF\RQWKHFRPSXWHUV\VWHP,W DOORZVGHWHFWLQJDQGVWRSSLQJDWWDFNVLQUHDOWLPHLPSDLULQJWKHVHFXULW\RIWKH&ORXG'DWDFHQWHU $VVKRZQLQILJXUHZHSURSRVHWRGHSOR\RXU1,'6RQWZRVWUDWHJLFSRVLWLRQV x 1,'6 RQ )URQW(QG RI &ORXG ,QWHJUDWLQJ 1,'6 PRGXOH RQ IURQW HQG RI &ORXG KHOSV WR GHWHFW QHWZRUN LQWUXVLRQV IURP H[WHUQDOQHWZRUN RI &ORXG +RZHYHULWLVQRW DEOHWR GHWHFWDWWDFN DW LQWHUQDOQHWZRUN RI &ORXG x 1,'6 RQ %DFN(QG 3RVLWLRQLQJ 1,'6PRGXOH RQ SURFHVVLQJ VHUYHUKHOSVWR GHWHFW LQWUXVLRQV DW LQWHUQDO QHWZRUNRI&ORXG,QDYLUWXDOHQYLURQPHQWZHKDYHVHYHUDOYLUWXDOPDFKLQHVRQWKHVDPHSK\VLFDOVHUYHU DQGWKH\FDQLQWHUFRPPXQLFDWHWKURXJKWKHYLUWXDOVZLWFKZLWKRXWOHDYLQJWKHSK\VLFDOVHUYHU 7KHUHIRUH QHWZRUNVHFXULW\GHYLFHVRQWKH/$1FDQ¶WPRQLWRUWKLVQHWZRUNWUDIILFLIWKHWUDIILFGRHVQRWQHHGWRSDVV WKURXJKVHFXULW\DSSOLDQFHVSULPDULO\DILUHZDOOWKHUHIRUHDORRSKROHIRUDOONLQGVRIVHFXULW\DWWDFNVZLOO EH RSHQHG 7KXV WKH VWDUWLQJ SRLQW RI DQ DWWDFNHU LV FRPSURPLVLQJ RQO\ RQH 90 DQG XVLQJ LW DV D VSULQJERDUG WR WDNH FRQWURO RI WKH RWKHU 90V ZLWKLQ WKH VDPHK\SHUYLVRU 7KLV LVJHQHUDOO\ GRQH ZLWKRXW EHLQJPRQLWRUHGRUGHWHFWHGJLYLQJWKHDWWDFNHUDYDVWKDFNGRPDLQ0RUHRYHUWKHYLUWXDOHQYLURQPHQWLV H[SRVHGWRVHYHUDOWKUHDWVFHQWHUHGPRVWO\RQWKHK\SHUYLVRU+\SHUMDFNLQJ 90HVFDSH90PLJUDWLRQ 90WKHIWDQG,QWHU90WUDIILF

  )LJ3RVLWLRQVRI1,'6LQWKH&ORXG



1204

Z. Chiba et al. / Procedia Computer Science 83 (2016) 1200 – 1206

 2XU1,'6LVGHVLJQHGWRPRQLWRUWKDWYLUWXDOWUDIILFDQGDOVRWKHIORZRIWUDIILFIURPRUWRWKHSURFHVVLQJVHUYHURQ WKHSK\VLFDOQHWZRUN:HKDYHQ¶WFKRVHQWRLQVWDOOWKH1,'6RQHDFKYLUWXDOPDFKLQHEHFDXVHLWZLOOEHDQDGGLWLRQDO EXUGHQLWZLOOZHLJKGRZQWKHZRUNRIWKH90,QDGGLWLRQVXFKFRQILJXUDWLRQUHTXLUHVPXOWLSOHLQVWDQFHVRI1,'6 ZKLFKPDNHVFRPSOH[PDQDJHPHQWRI1,'6ZKHUHDV90VDUHG\QDPLFDOO\PLJUDWHGSURYLVLRQHGRU GHSURYLVLRQHG    $UFKLWHFWXUHRISURSRVHG1,'6IUDPHZRUN  7KHDUFKLWHFWXUHRISURSRVHG&+1,'6DVVKRZQLQILJXUHFRQVLVWVRIPDLQO\IRXUPRGXOHV6LJQDWXUHEDVHG GHWHFWLRQ$QRPDO\GHWHFWLRQ$OHUW6\VWHPDQG&HQWUDOORJRIPDOLFLRXVSDFNHWV x 6LJQDWXUH EDVHG GHWHFWLRQ ,W FRQVLVWV RI WZR FRPSRQHQWV 6QRUW DQG WKH PLVXVH GHWHFWLRQ GDWDEDVH 7KLV GDWDEDVH LV JHQHUDWHG EDVHG RQ SUHGHILQHGQHWZRUNDWWDFNUXOHV 6QRUWPDWFKHVWKH FDSWXUHG SDFNHWV ZLWK UXOHVVWRUHGLQPLVXVHEDVHWRILQGDQ\FRUUHODWLRQ ,QWKLVFDVHLWGHWHUPLQHVWKHQDWXUHRIWKHDWWDFNDQG VHQG DOHUW PHVVDJH WR ´$OHUW 6\VWHP´ 7KH QRQLQWUXVLRQ SDFNHWV DUH IRUZDUGHG WR ³$QRPDO\ GHWHFWLRQ´ PRGXOHIRUPRUHLQYHVWLJDWLRQ2QHRIWKHDGYDQWDJHVIRUXVLQJWKLVWHFKQLTXHLVWKDWZHFDQHDVLO\XSGDWH PLVXVHEDVHZLWKRXWPRGLI\LQJH[LWLQJUXOHV x $QRPDO\ GHWHFWLRQ ,W LV FRPSRVHG RI WKUHH FRPSRQHQWV %DFN 3URSDJDWLRQ QHXUDO QHWZRUN DOJRULWKP %31  D PRGXOH EDVHG RQ DQ RSWLPL]DWLRQ DOJRULWKP WR RYHUFRPH WKH ZHDNQHVV RI %31 PHQWLRQHG LQ VXEVHFWLRQ  DQG DQ DQRPDO\ GHWHFWLRQ GDWDEDVH ,Q OHDUQLQJ SKDVHWKH %31 FODVVLILHULV WUDLQHG XVLQJ PDOLFLRXVDQGQRUPDOSDFNHWVVWRUHGLQDQRPDO\GHWHFWLRQGDWDEDVH,QGHWHFWLQJSKDVHWKH%31SUHGLFWV WKHFODVVRIWKHJLYHQQHWZRUNSDFNHWV,ILWLVQRUPDOLWLVDOORZHGWRDFFHVVWR&ORXGLQIUDVWUXFWXUHHOVHLW LVGHQLHGDQG³$OHUW6\VWHP´LVQRWLILHG 

)LJ$UFKLWHFWXUHRISURSRVHG&+1,'6IUDPHZRUN 

x x

$OHUW 6\VWHP JHQHUDWHV DOHUWV DERXW LQWUXVLRQV WKDW DUH GHWHUPLQHG HLWKHU E\ VQRUW RU %3 QHXUDO QHWZRUN FODVVLILHU,WVWRUHVDOHUWHGLQWUXVLRQLQFHQWUDOORJGDWDEDVH &HQWUDOORJRIPDOLFLRXVSDFNHWV,WXVHGE\&+1,'6GHSOR\HGRQRWKHUVKRVWVWRXSGDWHWKHLUEDVHVZLWK DOHUWV IRXQG LQDOHUW GDWDEDVH 6R WKHQH[WWLPH VXFK LQWUXVLRQ FDQ EH HDVLO\ GHWHFWHG E\ 6QRUWDW RWKHUV KRVWV7KLVUHGXFHVFRPSXWDWLRQDOFRVWDQGDOVRWLPHGHWHFWLRQLQRYHUDOOWKH&ORXG



1205

Z. Chiba et al. / Procedia Computer Science 83 (2016) 1200 – 1206

  :RUNIORZRISURSRVHG1,'6IUDPHZRUN  ,Q2XU1,'6PRGXOHZHXVHERWKWHFKQLTXHV VLJQDWXUHEDVHGDQGDQRPDO\EDVHG WKDWDUHFRPSOLPHQWHGHDFK RWKHU$VVKRZQLQILJXUHQHWZRUNSDFNHWVDUHFDSWXUHGIURPSK\VLFDODQGYLUWXDOQHWZRUN7KHQVLJQDWXUHEDVHG WHFKQLTXH LV DSSOLHG RQ FDSWXUHG SDFNHWV WR GHWHFW LQWUXVLRQV XVLQJ 6QRUW ,W FRQVLVWV RI PDWFKLQJ WKH FDSWXUHG SDFNHWV ZLWK UXOHV VWRUHG LQ DWWDFN VLJQDWXUH GDWDEDVH ,I DQ\ FRUUHVSRQGHQFH LV IRXQG DQ DOHUW LV JHQHUDWHG DQG VWRUHGLQFHQWUDOORJGDWDEDVH7KHQDOHUWHGSDFNHWLVGHQLHG1RQLQWUXVLRQSDFNHWVDUHIRUZDUGHGWRWKHRSWLPL]HG %31FODVVLILHUZKLFKLVDSSOLHGWRSUHGLFWFODVVODEHO QRUPDORULQWUXVLRQ RIWKHVHSDFNHWV ,ILWILQGVDQ\LQWUXVLRQLWZLOOEHDOHUWHGDQGVWRUHGLQFHQWUDOORJEDVH2WKHUZLVH%31FRQVLGHUVWKRVHSDFNHWVDV OHJLWLPDWHSDFNHWVDQGDOORZHGWRDFFHVVWKHV\VWHP1,'6RQRWKHUVVHUYHUVXSGDWHWKHLUEDVHVZLWKDOHUWVORJJLQJLQ FHQWUDOORJEDVH



 )LJ:RUNIORZRISURSRVHG1,'6

  &RQFOXVLRQDQG)XWXUH:RUN  6HFXULW\LQFORXGFRPSXWLQJLVDPDMRUFRQFHUQZKLFKLVVORZLQJWKHDGRSWLRQRIFORXGE\WKHFRUSRUDWH2QHRI PDMRU VHFXULW\ LVVXHV LQ &ORXG LV WR GHWHFW DQG SUHYHQW QHWZRUN LQWUXVLRQV VLQFH WKH QHWZRUN LV WKH EDFNERQH RI &ORXG DQG KHQFH YXOQHUDELOLWLHV LQ QHWZRUN GLUHFWO\ DIIHFW WKH VHFXULW\ RI &ORXG 7R GHWHFW 'RV DWWDFN DQG RWKHU QHWZRUNOHYHOPDOLFLRXVDFWLYLWLHVLQ&ORXGXVHRIRQO\WUDGLWLRQDOILUHZDOOLVQRWDQHIILFLHQWVROXWLRQ,QWKLVSDSHU ZH SURSRVHG D &RRSHUDWLYH DQG +\EULG 1,'6 &+1,'6  IUDPHZRUN IRU &ORXG HQYLURQPHQW LH ,DD6  WKDW LQWHJUDWHV6QRUWDQG%DFN3URSDJDWLRQ1HXUDO1HWZRUNFODVVLILHURSWLPL]HGE\DPRGXOHEDVHGRQDQRSWLPL]DWLRQ

1206

Z. Chiba et al. / Procedia Computer Science 83 (2016) 1200 – 1206

DOJRULWKP WR RYHUFRPH WKH ZHDNQHVV RI %31 2XU SURSRVHG 1,'6 LV GHSOR\HG DW )URQW HQG DQG %DFN HQG RI WKH &ORXGWRGHWHFWH[WHUQDODWWDFNVDQGLQWHUQDODWWDFNVFRPLQJHLWKHUIURPLQWHUQDOSK\VLFDOQHWZRUNRIWKHFORXGRU WKHYLUWXDOQHWZRUNRQKRVWPDFKLQHV 2XU1,'6XVHVWKHVLJQDWXUHEDVHGDQGDQRPDO\EDVHGWHFKQLTXHVWRLPSURYHGHWHFWLRQDFFXUDF\7KHUHIRUHLWLV DEOHWRGHWHFWNQRZQDVXQNQRZQDWWDFNVLQ&ORXG:HKDYHDSSOLHGDVLJQDWXUHEDVHGWHFKQLTXHSULRUWRDQRPDO\ WHFKQLTXHUHVXOWHGLQUHGXFLQJFRPSXWDWLRQDOFRVW,QDGGLWLRQE\XVLQJFHQWUDOORJRIPDOLFLRXVSDFNHWVGHWHFWHG 1,'6SODFHGRQDOOWKHVHUYHUVZRUNLQFRRSHUDWLYHPDQQHUWKH\XSGDWHWKHLUEDVHV NQRZOHGJHEDVHDQGEHKDYLRU EDVH E\JHWWLQJDOHUWVVWRUHGLQWKHFHQWUDOORJ6RDQ\XQNQRZQDWWDFN WKDWZDVSUHYLRXVO\GHWHFWHGDWDQ\VHUYHU  FDQEHHDVLO\GHWHFWHGE\6QRUWDWRWKHUVHUYHUV7KLVDOVRKHOSVWRUHGXFHFRPSXWDWLRQDOFRVWIRUGHWHFWLQJLQWUXVLRQV DWRWKHUVHUYHUVDQGLPSURYHGHWHFWLRQUDWHLQRYHUDOOWKH&ORXG 2XU SURSRVHG 1,'6 LV GHVLJQHG WR KDYH KLJK GHWHFWLRQ UDWH KLJK DFFXUDF\ ZLWK ORZ IDOVH SRVLWLYHV ORZ IDOVH QHJDWLYHV DQG DIIRUGDEOH FRPSXWDWLRQDO FRVW 2XU IXWXUH ZRUN LV LPSOHPHQWLQJ RXU PRGXOH 1,'6 LQ RSHQ VRXUFH &ORXGHQYLURQPHQWOLNH(XFDO\WXVSURSRVLQJDQGWHVWLQJRXURSWLPL]DWLRQDOJRULWKPIRU%13FODVVLILHU   5HIHUHQFHV  1,67637KH1,67'HILQLWLRQRI&ORXG&RPSXWLQJKWWSFVUFQLVWJRYSXEOLFDWLRQVQLVWSXEV63SGI   5*DLGKDQH&9DLG\D05DJKXZDQVKL,QWUXVLRQ'HWHFWLRQDQG$WWDFN&ODVVLILFDWLRQXVLQJ%DFNSURSDJDWLRQ1HXUDO1HWZRUN ,QWHUQDWLRQDO-RXUQDORI(QJLQHHULQJ5HVHDUFK 7HFKQRORJ\     0-RXLQL/%HQ$UID5DEDL6XUYH\LQJDQG$QDO\]LQJ6HFXULW\3UREOHPVLQ&ORXG&RPSXWLQJ(QYLURQPHQWVLQ&RPSXWDWLRQDO,QWHOOLJHQFH DQG6HFXULW\ &,6 ,((7HQWK,QWHUQDWLRQDO&RQIHUHQFHRQSS $9'DVWMHUGL.$%DNDU6*+7DEDWDEDHL'LVWULEXWHG,QWUXVLRQ'HWHFWLRQLQ&ORXGVXVLQJ0RELOH$JHQWVLQ$GYDQFHG (QJLQHHULQJ&RPSXWLQJDQG$SSOLFDWLRQVLQ6FLHQFHV $'9&203 ,(((7KLUG,QWHUQDWLRQDO&RQIHUHQFHRQSS .*DQJ+<+DQ7KH5HVHDUFKRI1HWZRUN,QWUXVLRQ'HWHFWLRQ7HFKQRORJ\%DVHGRQ*HQHWLF$OJRULWKPDQG%31HXUDO 1HWZRUN$SSOLHG0HFKDQLFVDQG0DWHULDOV   /0DUWLQ$ZDUHQHVV7UXVWDQG6HFXULW\WR6KDSH*RYHUQPHQW&ORXG$GRSWLRQ:KLWHSDSHU KWWSZZZFDFRPaPHGLD)LOHV,QGXVWU\5HVHDUFKOPF\EHUVHFXULW\BJRY&ORXGDGRSWBSGI   %ODFN+DWSUHVHQWDWLRQGHPRYLGV$PD]RQKWWSZZZVHQVHSRVWFRPEORJKWPO   'HQLDORIVHUYLFHDWWDFNKWWSVHQZLNLSHGLDRUJZLNL'HQLDORIVHUYLFHBDWWDFN   10RGL'53DWHO05DMDUDMDQ,QWHJUDWLQJ6LJQDWXUH$SULRULEDVHG1HWZRUN,QWUXVLRQ'HWHFWLRQ6\VWHP 1,'6 LQ&ORXG &RPSXWLQJLQQG,QWHUQDWLRQDO&RQIHUHQFHRQ&RPPXQLFDWLRQ&RPSXWLQJDQG6HFXULW\ ,&&&6 SS &&/R&&+XDQJ-.X$&RRSHUDWLYH,QWUXVLRQ'HWHFWLRQ6\VWHP)UDPHZRUNIRU&ORXG&RPSXWLQJ1HWZRUNVLQWK,((( ,QWHUQDWLRQDO&RQIHUHQFHRQ3DUDOOHO3URFHVVLQJ:RUNVKRSV ,&33: SS &0D]]DULHOOR5%LIXOFRDQG5&DQRQLFR,QWHJUDWLQJD1HWZRUN,'6LQWRDQ2SHQ6RXUFH&ORXG&RPSXWLQJ(QYLURQPHQWLQ ,QIRUPDWLRQ$VVXUDQFHDQG6HFXULW\ ,$6 ,(((6L[WK,QWHUQDWLRQDO&RQIHUHQFHRQSS =4LQJ4LQJ=4LDQ)