Intrusion detection and Big Heterogeneous Data: A Survey

Reference: Intrusion detection and Big Heterogeneous Data: A Survey

By Authors:

  • Richard Zuech,
  • Taghi M Khoshgoftaar and
  • Randall Wald

Thank you Richard Zuech, Taghi M. Khoshgoftaar and Randall Wald for citing my work on IDS and Multisensor Data Fusion and for referencing me as “the inspiration” for your work. That was very kind of you and your team. Here are a few quotes from your paper:

“In 2000, Bass [36] made a major contribution to Intrusion Detection research by suggesting data fusion as a technique to aggregate Intrusion Detection data from many different heterogeneous sources such as “numerous distributed packet sniffers, system log files, SNMP traps and queries, user profile databases, system messages, and operator commands”. Essentially, data fusion is a technique to make overall sense of data from different sources which commonly have different data structures. Bass also elaborated extensively on using data fusion online (near real-time) in conjunction with data mining offline in order to process the enormous amount of cybersecurity data more effectively so that it could be useful for Intrusion Detection purposes.”

“In ‘Multisensor data fusion for next generation distributed intrusion detection systems’ [49], Bass elaborated further on his proposed model and provides further details on data fusion. Bass’s approach of analyzing Intrusion Detection data across many different types of devices and systems concurrently is an excellent example of utilizing many diverse heterogeneous sources, helping researchers gain enhanced insight into cybersecurity (particularly in the context of Big Data challenges).”

“From a general conceptual framework, more experimentation is needed into what Bass [36] proposed, which explored how data mining from offline repositories can give useful feedback to effectively and efficiently benefit real-time Intrusion Detection. Bass’s concept was fairly sophisticated and very highly cited by the research community. However there has not been significant experimental research with this model. A good deal of experimentation is still needed to explore the effectiveness of Bass’s model with concepts such as real-time feedback and utilizing different Intrusion Detection “feature templates” based on the current situation.”

I look forward to reading more of your research.