Parallel and Distributed Computing for Cybersecurity

V. Kumar
2005 IEEE Distributed Systems Online  
Parallel and distributed data mining offer great promise for addressing cybersecurity. The Minnesota Intrusion Detection System can detect sophisticated cyberattacks on large-scale networks that are hard to detect using signature-based systems. This article is based on the author's keynote talk (ppt) (http://www.ieee.org/netstorage/computer_society/dsonline_media/Kumar-PDCS2004/Kumar-KeynoteLecture-PDCS2004.ppt) at the 2004 International Conference on Parallel and Distributed Computing and
more » ... ms (PDCS 04). The phenomenal growth in computing power over much of the past five decades has been motivated by scientific applications requiring massive amounts of computation. But lately a major focus for parallel and highperformance computers has been on data-centric applications in which the application's overall complexity is driven by the data's size and nature. Data mining is one of these data-centric applications that increasingly drives development of parallel and distributed computing technology. Explosive growth in the availability of various kinds of data in both commercial and scientific domains has resulted in an unprecedented opportunity to develop automated data-driven knowledge discovery techniques. Data mining, an important step in this knowledge-discovery process, consists of methods that discover interesting, nontrivial, useful patterns hidden in the data. 1,2 The huge size and high dimensionality of available data sets make large-scale data mining applications computationally demanding, so much so that high-performance parallel computing is fast becoming an essential component of the solution. The data tends to be distributed, and issues such as scalability, privacy, and security prohibit bringing the data together. Such cases require distributed data mining. Into this mix enters the Internet, along with its tremendous benefits and vulnerabilities. The need for cybersecurity and the inadequacy of traditional approaches have piqued interest in applying data mining to intrusion detection. This article focuses on the promise and application of parallel and distributed data mining to cybersecurity. Need for cybersecurity Individuals and organizations attack and misuse computer systems, creating new Internet threats daily. The IEEE Distributed Systems Online October 2005
doi:10.1109/mdso.2005.53 fatcat:hds3igzzfnf5pdqzkhijeugx4a