Applying Emerging Data Techniques and Advanced Analytics to Combat Cyber Threat
Cyber threats are currently on the rise, exposing individuals, industrial control systems (ICSs), critical infrastructures (CIs), and nations to attacks that cause great losses. Among these threats is the advanced persistent threat (APT), which tends to use highly sophisticated tools to attack targeted organisations or a nation's critical infrastructure. The capabilities of big data can be leveraged for advanced analytics: gathering intelligence from potential security events and network activities to produce timely reports and predictions of intrusions. In this work, a big data approach is proposed; a Hadoop Ecosystem was integrated with a honeypot to collect massive volumes of data on network activities and attackers' behaviour for forensics. A decision tree classification algorithm was used to build a predictive model for network intrusion detection. An accuracy of 92.46% was recorded, showing its capability of giving low false positive alarm rates.
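As an added illustration (not code from the paper, which does not publish its feature set, its Hadoop pipeline or its model parameters), the block below trains a small Gini-based decision tree on constructed per-source-IP summaries of the kind a honeypot would yield, and then reports accuracy, true positive rate and false positive rate separately on a held-out set. The feature names (distinct_ports, failed_logins, bytes_out), the records and the labels are all assumptions made for the example; the tree implementation is a plain-Python stand-in for the classifier the abstract describes.

```python
"""Small Gini-based decision tree for honeypot-style intrusion classification.

Added example: the training and test records below are constructed, hypothetical
per-source-IP summaries (not data from the paper's honeypot), and the feature set
is an assumption chosen to illustrate the technique.
"""
from collections import Counter

# Feature order per sample: [distinct_ports, failed_logins, bytes_out]
FEATURES = ["distinct_ports", "failed_logins", "bytes_out"]

# Constructed training records. Label 1 = intrusion (port scan or login brute force), 0 = benign.
TRAIN = [
    ([3, 0, 500], 0), ([5, 2, 1200], 0), ([2, 1, 3000], 0),
    ([4, 0, 800], 0), ([1, 2, 2500], 0), ([5, 1, 1500], 0),
    ([120, 0, 200], 1), ([50, 1, 900], 1), ([200, 0, 2800], 1),   # port scans
    ([1, 20, 600], 1), ([2, 35, 1100], 1), ([1, 50, 2600], 1),    # brute force
]

# Constructed held-out records; the fourth one is a benign host that looks scan-like.
TEST = [
    ([3, 1, 700], 0), ([2, 0, 2900], 0), ([4, 2, 1800], 0), ([40, 0, 5000], 0),
    ([150, 0, 300], 1), ([1, 60, 900], 1), ([80, 30, 400], 1),
]


def gini(labels):
    """Gini impurity of a label list (0.0 means the node is pure)."""
    n = len(labels)
    if n == 0:
        return 0.0
    return 1.0 - sum((c / n) ** 2 for c in Counter(labels).values())


def best_split(rows):
    """Return (feature_index, threshold, weighted_gini) of the best threshold split."""
    best = None
    for f in range(len(FEATURES)):
        values = sorted({x[f] for x, _ in rows})
        for lo, hi in zip(values, values[1:]):
            thr = (lo + hi) / 2                       # midpoint between adjacent values
            left = [y for x, y in rows if x[f] < thr]
            right = [y for x, y in rows if x[f] >= thr]
            score = (len(left) * gini(left) + len(right) * gini(right)) / len(rows)
            if best is None or score < best[2]:
                best = (f, thr, score)
    return best


def build_tree(rows, depth=0, max_depth=3):
    """Recursively grow a tree; leaves hold the majority label of their rows."""
    labels = [y for _, y in rows]
    majority = Counter(labels).most_common(1)[0][0]
    if depth >= max_depth or gini(labels) == 0.0:
        return {"leaf": majority}
    split = best_split(rows)
    if split is None or split[2] >= gini(labels):    # no impurity reduction: stop
        return {"leaf": majority}
    f, thr, _ = split
    left = [r for r in rows if r[0][f] < thr]
    right = [r for r in rows if r[0][f] >= thr]
    return {"feature": f, "threshold": thr,
            "left": build_tree(left, depth + 1, max_depth),
            "right": build_tree(right, depth + 1, max_depth)}


def predict(tree, x):
    """Walk from the root to a leaf; values >= threshold go right."""
    while "leaf" not in tree:
        tree = tree["right"] if x[tree["feature"]] >= tree["threshold"] else tree["left"]
    return tree["leaf"]


def evaluate(tree, rows):
    """Accuracy alone hides false alarms, so report FPR and TPR next to it."""
    tp = tn = fp = fn = 0
    for x, y in rows:
        p = predict(tree, x)
        if p == 1 and y == 1:
            tp += 1
        elif p == 0 and y == 0:
            tn += 1
        elif p == 1 and y == 0:
            fp += 1
        else:
            fn += 1
    return {
        "accuracy": (tp + tn) / len(rows),
        "fpr": fp / (fp + tn) if fp + tn else 0.0,   # benign traffic flagged as intrusion
        "tpr": tp / (tp + fn) if tp + fn else 0.0,   # intrusions actually detected
    }


TREE = build_tree(TRAIN)


def run_demo():
    """Train on TRAIN, evaluate on TEST and return the metrics dict."""
    return evaluate(TREE, TEST)


if __name__ == "__main__":
    print(TREE)
    print(run_demo())
```

On these constructed records the learned tree splits first on distinct_ports and then on failed_logins, classifies every held-out intrusion correctly, and flags one benign host as an intrusion; the metrics therefore show an accuracy well below 100% driven entirely by a false positive, which is why the false positive rate is worth reporting alongside the headline accuracy figure.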