Network Intrusion Detection Systems (NIDSs) detect attacks in network traffic. In particular, machine-learning-based NIDSs have attracted attention because of their high detection rates for unknown attacks. A distributed processing framework for machine-learning-based NIDSs, built on a scalable distributed stream processing system, has been proposed in the literature. However, its performance when machine-learning-based classifiers are implemented on it has not been comprehensively evaluated. In this study, we implement five representative classifiers (Decision Tree, Random Forest, Naive Bayes, SVM, and kNN) on this framework and evaluate their throughput and latency. Through these experimental measurements, we investigate the differences in processing performance among the classifiers and identify the bottlenecks in the processing performance of the framework.