An abnormal behavior detection method in Hadoop cluster

Computer Engineering & Science

Previous Articles Next Articles

An abnormal behavior detection method in Hadoop cluster

CAI Wu-yue1,WANG Ke2,HAO Yu-jie2,DUAN Xiao-ran2

(1.National Education Examinations Authority,Beijing 100084;

2.School of Computer Science and Engineering,University of Electronic Science and Technology of China,Chengdu 611731,China)

Received:2017-07-03 Revised:2017-09-25 Online:2017-12-25 Published:2017-12-25

Abstract

Abstract:

With the development of distributed computing technology, Hadoop, as a typical representative in the field of massive data processing, is vulnerable to hidden security threats, such as data breaches, due to weak security mechanism and lack of user activity monitoring. By combining with the characteristics of the principal component analysis, we perform parallel process through MapReduce to overcome the disadvantage of principal component analysis and improve the training efficiency. We propose an abnormal behavior detection method in Hadoop cluster, namely we compare the current user behavior patterns with historical behavior patterns to see if they match, which is taken as a metric for anomaly behavior detection. Experimental results indicate that our method can detect users' anomaly behavior effectively.

Key words: Hadoop cluster, principal component analysis, anomaly detection, MapReduce, behavior pattern

CAI Wu-yue1,WANG Ke2,HAO Yu-jie2,DUAN Xiao-ran2. An abnormal behavior detection method in Hadoop cluster[J]. Computer Engineering & Science.

[1]	WU Peicheng, ZHAO Xujun, JIN Lizhong. Anomaly detection of stream data based on grid density stacking [J]. Computer Engineering & Science, 2025, 47(01): 75-85.
[2]	CHEN Zhaobo, ZHANG Lin, MA Xiaoxuan. Video anomaly detection with improved attention hybrid auto-encoder [J]. Computer Engineering & Science, 2025, 47(01): 130-139.
[3]	MA Xin-yu, LI Tong, CAO Jing-kun, WU Bo, SUN Yong-qian, ZHAO Yi . Transmission bottleneck localization based on QoS-QoE prediction [J]. Computer Engineering & Science, 2024, 46(11): 1989-1996.
[4]	YIN Chun-yong, ZHAO Feng. An anomaly detection model of time series based on dual attention and deep autoencoder [J]. Computer Engineering & Science, 2024, 46(05): 826-835.
[5]	YIN Chun-yong, FENG Meng-xue. A semi-supervised log anomaly detection method based on attention mechanism [J]. Computer Engineering & Science, 2023, 45(08): 1405-1415.
[6]	. Beacon+:A scalable lightweight end-to-end I/O performance monitoring, analysis and diagnosis [J]. Computer Engineering & Science, 2022, 44(09): 1521-1531.
[7]	HE Ping, LI Gang, LI Hui-bin, . A survey on deep learning based video anomaly detection [J]. Computer Engineering & Science, 2022, 44(09): 1620-1629.
[8]	YAN Chun-man, ZHANG Yu-yao, ZHANG Di. Face recognition based on improved label consistent KSVD dictionary learning [J]. Computer Engineering & Science, 2022, 44(02): 291-297.
[9]	Text feature selection based on improved CHI and PCA. Text feature selection based on improved CHI and PCA [J]. Computer Engineering & Science, 2021, 43(09): 1645-1652.
[10]	DANG Xiao-chao, RU Chun-rui, HAO Zhan-jun, . An indoor positioning method based on CSI and SVM regression [J]. Computer Engineering & Science, 2021, 43(05): 853-861.
[11]	WANG Si-qi, HU Jing-tao, YU Guang, ZHU En, CAI Zhi-ping. A survey of video abnormal event detection [J]. Computer Engineering & Science, 2020, 42(08): 1393-1405.
[12]	WANG Teng1，JIAO Xue-wei2，GAO Yang2. An anomaly detection algorithm based on Attention-GRU and iForest for periodic time series [J]. Computer Engineering & Science, 2019, 41(12): 2217-2222.
[13]	WANG Yu-xin,WANG Fei,WANG Guan,GUO He. A MapReduce workflow heterogeneous scheduling algorithm based on two-level DAG model [J]. Computer Engineering & Science, 2019, 41(08): 1353-1359.
[14]	FENG Zhang，PEI Dong,WANG Wei. Face recognition by support vector machine optimized by an improved grey wolf algorithm [J]. Computer Engineering & Science, 2019, 41(06): 1057-1063.
[15]	HUO Yuanlian,CAO Pengfei,DONG Junsong,SHI Ming . A multi-scale fast correlation filter tracking algorithm based on fusion features [J]. Computer Engineering & Science, 2019, 41(03): 559-566.

An abnormal behavior detection method in Hadoop cluster

PDF

Knowledge

Abstract

Cite this article

share this article

Related Articles 15

Recommended Articles 0

Metrics

Comments