ProIDS: Probabilistic Data Structures Based Intrusion Detection System for Network Traffic Monitoring

Abstract
The Internet is an integrated platform on which data is growing at an exponential rate. Since it incorporates numerous business and personal services, the data must be protected from illegal access or modification. A large number of techniques have been proposed in the literature to protect data against the malicious intent of intruders. One of the most important ways of monitoring and analyzing network traffic for various attacks is the deployment of intrusion detection systems (IDS). This paper presents a novel IDS based on probabilistic data structures, named ProIDS. In the proposed ProIDS, a popular probabilistic data structure (PDS), the Bloom filter, is used to store information about suspicious nodes. For the nodes held in the Bloom filter, the number of hits per unit time is computed using a modified version of the Count-min sketch (MCMS), which is also a PDS. The work also presents a detailed theoretical analysis backed by relevant technical description. Simulation results show that the proposed system is more reliable and scalable than the existing Count-min sketch method, and that it requires comparatively less computational time and storage.
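The two-stage design the abstract describes, as an added Python example that is not code from the paper: a Bloom filter gates traffic from suspicious nodes and a Count-min sketch counts their hits per unit time. It assumes a textbook Count-min sketch in place of the paper's MCMS (whose modification the abstract does not describe); the class names, parameters, threshold and packet data are constructed for illustration.

```python
import hashlib

def _idx(item, k, m):
    # k indices in [0, m) from one SHA-256 digest (double hashing)
    d = hashlib.sha256(item.encode()).digest()
    h1, h2 = int.from_bytes(d[:8], "big"), int.from_bytes(d[8:16], "big") | 1
    return [(h1 + i * h2) % m for i in range(k)]

class BloomFilter:
    """Set of suspicious nodes: false positives possible, no false negatives."""
    def __init__(self, m=1024, k=4):
        self.m, self.k, self.bits = m, k, bytearray(m)
    def add(self, item):
        for i in _idx(item, self.k, self.m):
            self.bits[i] = 1
    def __contains__(self, item):
        return all(self.bits[i] for i in _idx(item, self.k, self.m))

class CountMinSketch:
    """Textbook Count-min sketch (assumption: not the paper's MCMS)."""
    def __init__(self, width=256, depth=4):
        self.w, self.rows = width, [[0] * width for _ in range(depth)]
    def _cols(self, item):  # one column per row; the row number salts the hash
        return [_idx(f"{r}:{item}", 1, self.w)[0] for r in range(len(self.rows))]
    def add(self, item):
        for row, c in zip(self.rows, self._cols(item)):
            row[c] += 1
    def estimate(self, item):  # minimum over rows: never undercounts
        return min(row[c] for row, c in zip(self.rows, self._cols(item)))

def monitor(packets, suspicious, window=1.0, threshold=3):
    """Alert (window_index, src) when a suspicious src reaches threshold hits."""
    alerts, current, cms = set(), None, CountMinSketch()
    for ts, src in packets:           # packets must be time-ordered
        w = int(ts // window)
        if w != current:              # new unit of time: reset the counters
            current, cms = w, CountMinSketch()
        if src in suspicious:         # Bloom filter gate
            cms.add(src)
            if cms.estimate(src) >= threshold:
                alerts.add((w, src))
    return alerts

# Constructed sample data (documentation address ranges), not from the paper.
SUSPICIOUS = BloomFilter()
for ip in ("203.0.113.7", "198.51.100.23"):
    SUSPICIOUS.add(ip)
PACKETS = [(0.1, "203.0.113.7"), (0.2, "192.0.2.10"), (0.4, "203.0.113.7"),
           (0.5, "192.0.2.10"), (0.6, "192.0.2.10"), (0.9, "203.0.113.7"),
           (1.2, "198.51.100.23"), (1.5, "203.0.113.7")]
```

Calling `monitor(PACKETS, SUSPICIOUS)` flags only `203.0.113.7` in window 0; `192.0.2.10` is equally busy but is not in the filter, and the counters reset at the window boundary.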

This publication has 21 references indexed in Scilit: