A Machine Learning Based CIDS Model for Intrusion Detection to Ensure Security Within Cloud Network
Abstract
Cloud computing has changed quickly in recent years, and security issues have become more prevalent. Through the Internet, cloud computing has the amazing ability to deliver powerful, versatile, adaptable, affordable, and manageable assets that are always on the go. The potential of hardware resources is maximized by cloud computing through efficient and shared use. Data and service availability are challenges raised by a number of cloud computing difficulties. To improve cloud security for consumers and service providers, a multitude of security services are required. In order to provide security within the cloud and prevent load imbalance scenarios, this study suggests using Cloud Intrusion Detection Systems (CIDS). Cloud security vulnerabilities include denial of service, scanning, malware code injection, viruses, worms, and password cracking. If these attacks are not discovered in time, they might harm the company's finances and image. Our idea through this work aims to protect the cloud from these types of attacks and to accurately detect and anticipate them early on. Previous research projects have noted that when dimensionality reduction is used in conjunction with data mining (DM), machine learning (ML) techniques have been proven to perform better. The authors proposed a CIDS by choosing relevant characteristics using relevant feature reduction techniques, then feeding this subset of data through the ML tool in order to develop such a robust model to assure a cloud network. Python and the Scikit-Learn program are used to simulate the proposed model. Using the KDDcup99 dataset as a benchmark, the simulation experiment's results were assessed using a variety of performance assessment criteria, including precision, recall, F-Score, detection ratio, RoC curve, etc. Our recommended methodology produced simulation results that were more efficient and on par with a number of other approaches. It has been noted that the ML-based proposed model was found to be sufficiently capable of safeguarding cloud-based data by identifying potentially suspicious user behavior, protecting the cloud network from threats, and demonstrating superior performance in true prediction and early intrusion detection, which led to a reduction in computational costs.
References
M. Carroll, A. Van Der Merwe and P. Kotze, “Secure cloud computing: Benefits, risks and controls”, In 2011 information security for South Africa, pp. 1-9, 2011.
K. Aparna, G.R. Kumar, S. Ishar, N. Santhosh and D. Sreeja, “CaseStudy On DDoS Attacks And Attack TrendsIn Cloud Computing Environments”, International Yournal of Techo-Engineering, vol. 13, no. 3, pp. 378-383, 2021.
A.K. Muhammed Kunju, S. Baskar, S. Zafar and B. AR, “A transformer based real-time photo captioning framework for visually impaired people with visual attention”, Multimedia Tools and Applications, pp. 1-20, 2024.
S. Sachdeva and A. Ali, “Machine learning with digital forensics for attack classification in cloud network environment”, International Journal of System Assurance Engineering and Management, vol. 13, no. 1, pp.156-165, 2022. doi: 10.1007/s13198-021-01323-4
C. Prajitha, K.P. Sridhar and S. Baskar, “Variance approximation and probabilistic decomposition noise removal framework for arrhythmia detection and classification on internet of medical things environment”, Wireless Personal Communications, vol. 125, no. 1, pp. 965-985, 2020.
M. Arun, D. Barik and S.S. Chandran, “Exploration of material recovery framework from waste–A revolutionary move towards clean environment”, Chemical Engineering Journal Advances, vol. 18, p. 100589, 2024.
E.M. Onyema, S. Dalal, C.A.T. Romero, B. Seth, P. Young and M.A. Wajid, “Design of intrusion detection system based on cyborg intelligence for security of cloud network traffic of smart cities”, Journal of Cloud Computing, vol. 11, no. 1, pp. 1-26, 2022. doi: 10.1186/s13677-022-00305-6
K. Gangadharan, G.R.N. Kumari, D. Dhanasekaran and K. Malathi, “Detection and classification of various pest attacks and infection on plants using RBPN with GA based PSO algorithm”, Indonesian Journal of Electrical Engineering and Computer Science (IJEECS), vol. 20, no. 3, pp. 1278-1288, 2020. doi: 10.11591/ijeecs.v20.i3.pp1278-1288
D. Singh, D. Patel, B. Borisaniya and C. Modi, “Collaborative ids framework for cloud”, International Journal of Network Security, pp. 1-63, 2013.
B.B. Gupta and O.P. Badve, “Taxonomy of DoS and DDoS attacks and desirable defense mechanism in a cloud computing environment”, Neural Computing and Applications, vol. 28, pp. 3655-3682, 2017.
C.V. Kopek, E.W. Fulp and P.S. Wheeler, “Distributed data parallel techniques for content-matching intrusion detection systems”, In MILCOM 2007-IEEE Military Communications Conference, pp. 1-7, 2007. doi: 10.1109/ MILCOM.2007.4454922
L. Vokorokos, M. Ennert, M. Čajkovský and A. Turinska, “A distributed network intrusion detection system architecture based on computer stations using GPGPU”, In 2013 IEEE 17th International Conference on Intelligent Engineering Systems (INES), pp. 323-326, 2013. doi: 10.1109/INES.2013.6632834
S. Stafford and J. Li, “Behavior-based worm detectors compared”, In International Workshop on Recent Advances in Intrusion Detection, Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 38-57, 2010.
J. Kim and P.J. Bentley, “An evaluation of negative selection in an artificial immune system for network intrusion detection”, In Proceedings of the 3rd Annual Conference on Genetic and Evolutionary Computation, pp. 1330-1337, 2001.
M.K. Siddiqui and S. Naahid, “Analysis of KDD CUP 99 dataset using clustering based data mining”, International Journal of Database Theory and Application, vol. 6, no. 5, pp. 23-34, 2013. doi: 10.14257/ijdta.2013.6.5.03
M. Mazziotta and A. Pareto, “Normalization methods for spatio‐temporal analysis of environmental performance: Revisiting the Min–Max method”, Environmetrics, vol. 33, no. 5, pp. 1-12, 2022.
P. Chiniforooshan and D. Marinkovic, “A hybrid particle swarm optimization algorithm for single machine scheduling with sequence-dependent setup times and learning effects”, Computational algorithms and numerical dimensions, vol. 2, no. 2, pp. 74-86, 2023.
A. Alotaibi and M.A. Rassam, “Adversarial machine learning attacks against intrusion detection systems: A survey on strategies and defense”, Future Internet, vol. 15, no. 2, pp. 1-62, 2023.
P. Dini, A. Elhanashi, A. Begni, S. Saponara, Q. Zheng and K. Gasmi, “Overview on intrusion detection systems design exploiting machine learning for networking cybersecurity”, Applied Sciences, vol. 13, no. 13, p.7507, 2023.
M.A. Talukder, K.F. Hasan, M.M. Islam, M.A. Uddin, A. Akhter, M.A. Yousuf, F. Alharbi and M.A. Moni, “A dependable hybrid machine learning model for network intrusion detection”, Journal of Information Security and Applications, vol. 72, pp. 1-12, 2023. doi: 10.1016/j.jisa.2022.103405
K. He, D.D. Kim and M.R. Asghar, “Adversarial machine learning for network intrusion detection systems: A comprehensive survey”, IEEE Communications Surveys & Tutorials, vol. 25, no. 1, pp. 538-566, 2023.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
