Multi-Level Intrusion Detection System in Cloud Computing
Article Sidebar
Main Article Content
Abstract
An intrusion detection system (IDS) is essential for protecting private data, maintaining system integrity, and ensuring network security. This research focused on the development of a multi-level IDS using cloud computing technologies to enhance network security and employs a multi-layered strategy for intrusion detection, encompassing different levels for the scrutiny of network traffic, system behavior, and potential security risks. Cloud computing infrastructure forms the basis for deploying and expanding the IDS effectively. Anomaly-based intrusion detection systems have poor precision and recall, especially for unidentified attack types and this is seen as a research gap. Alternative Fuzzy C-Means Clustering (AFCM) was utilized in this work to group the training data into homogenous training subsets, train various Artificial Neural Networks (ANN) using those subsets, and then aggregate the results. The neural network was trained using the KDD Cup ‘99 dataset and was tested using real-time internet traffic. The SYN flood, ICMP flood, and Normal activity were used as test cases for the attack and normal activity, the results show that the SYN has a 98.9% true positive rate and 1.1% false negative rate of the 10000number of connections, ICMP has 99.9% true positive rate and 0.1% false negative rate of the 10000 number of connections and the normal activity has 88.09% true positive rate and 11.74% false negative rate of the 10000 number of connections. This is an improvement over other common anomaly-based intrusion detection systems.
Downloads
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Authors hold the copyright of all published articles except otherwise stated.
References
Abiodun, O. I., Jantan, A., Omolara, A. E., Dada, K. V., Umar, A. M., Linus, O. U., ... & Kiru, M. U. (2019). Comprereview of artificial neural network
applications to pattern recognition. IEEE Access, 7, 158820-158846
Abusitta, A., Bellaiche, M., Dagenais, M., & Halabi, T. (2019). A deep learning approach for proactive multi-cloud cooperative intrusion detection system. Future Generation Computer Systems, 98, 308-318.
Ahmed Tamer Assya , Yahia Mostafaa , Ahmed Abd El-khaleqa , Maggie Mashaly (2023). Anomaly-Based Intrusion Detection System using One-
Dimensional Convolutional Neural Network. The 14th International Conference on Ambient Systems, Networks and Technologies (ANT), Leuven, Belgium. Procedia Computer Science 220 78–85.
Alaketu, A.A., Abiola, O. B., Obamiyi, S. E., Oguntimilehin, A., Badeji-Ajisafe, B., Olutosin Babalola, G. O., Olatunji, K. A., Akinduyite, C. O., and Okebule, T (2024). Comparative Analysis of Intrusion Detection Models using Big Data Analyticsand Machine Learning Techniques. The International Arab Journal of Information Technology, 21(2):326–337 (2024)
Almiani, M., AbuGhazleh, A., Al-Rahayfeh, A., Atiewi, S., & Razaque, A. (2020). Deep recurrent neural network for IoT intrusion detection system. Simulation Modelling Practice and Theory, 101, 102031.
Almomani, A., Alauthman, M., Albalas, F., Dorgham, O., & Obeidat, A. (2020). An online intrusion detection system to cloud computing based on NeuCube algorithms. In Cognitive Analytics: Concepts, Methodologies, Tools, and Applications, IGI global. pp. 1042-1059).
Alsoufi, M. A., Razak, S., Siraj, M. M., Nafea, I., Ghaleb, F. A., Saeed, F., & Nasser, M. (2021). Anomaly- based intrusion detection systems in iot using deep learning: A systematic literature review. Applied sciences, 11(18), 8383.
Bhardwaj, A., & Krishna, C. R. (2021). Virtualization in cloud computing: Moving from hypervisor to containerization—a survey. Arabian Journal for Science and Engineering, 46(9), 8585-8601.
Chiba, Z., Abghour, N., Moussaid, K., El Omri, A., & Rida, M. (2019). New anomaly network intrusion detection system in cloud environment based on optimized back propagation neural network using improved genetic algorithm. International Journal of Communication Networks and Information Security, 11(1), 61-84.
Daramola, C.Y., Ayogu, A.A., Folorunsho, O. and Akindolie, A.M. (2019) A Bayesian Based Classification Model for Network Intrusion Detection
System. FUOYE Journal of Pure and Applied Sciences. 4(1):110-118.
Devi, B. T., Shitharth, S., & Jabbar, M. A. (2020, March). An Appraisal over Intrusion Detection systems in cloud computing security attacks. In 2020 2nd International Conference on Innovative Mechanisms for Industry Applications (ICIMIA) (pp. 722-727). IEEE.
Elkhaldi, A. H., & Abdullah, G. A. (2022). The Effect of Cloud Computing’s Advantages and Components on Time Savings and Data Privacy for the Quality of Electronic Banking Services. International Journal of Professional Business Review, 7(3), e0601-e0601.
Fu, Y. Du, Y, Cao, Z Li,Q and Xiang, W. 2022 “A deep learning model for network intrusion detection with imbalanced data,” Electronics, vol. 11, no. 6, p. 898, 2022.
Hema, H., and KanagaSubaRaja, S. (2023). A Quantitative Approach to Minimize Energy Consumption in Cloud Data Centres using VM Consolidation Algorithm. KSII Transactions on Internet and Information Systems, 17, 2, (2023), 312-334. DOI: 10.3837/tiis.2023.02.002
Jaber, A. N., & Rehman, S. U. (2020). FCM–SVM based intrusion detection system for cloud computing environment. Cluster Computing, 23, 3221-3231.
Kandakatla R., and Rajakumari, k. (2024). Optimal Feature Selection with Cryptographic Process for IDs based Cloud Environment, 2024
International Conference on Intelligent Algorithms for Computational Intelligence Systems (IACIS), Hassan, India, 2024, pp. 1-6, doi: 10.1109/
IACIS61494.2024.10721989
Kao, M.T., Sung, D.Y., Kao, S.J and F.-M. Chang, F M, (2022) A novel two-stage deep learning structure for network flow anomaly detection, Electronics, vol. 11, p. 1531, 05 2022.
Krishnan R. and Raajan N., (2016) An Intellectual Intrusion Detection System Model for Attacks Classification Using RNN,” International Journal
of Pharmacy and Technology, vol. 8, no. 4, pp. 23157-23164, 2016
Kumar V., Das K.D., and Sinha D. (2021) “UIDS: A unified intrusion detection system for IoT environment,” Evolutionary Intelligence, vol. 14, no. 1, pp. 47–59, 2021
Mogaji S.A, Ayeni, O.A, and Olutayo, V.A (2022) Analysis of Digital Forensics in the Implementation of Intrusion Detection using Snort FUOYE Journal of Pure and Applied Sciences. FJPAS Vol 7(1), 2616-1419pg 100-108.
Raju, K. S., Rashmitha, P., Nagendra, K. V., Dharmireddi, S., Rekha M., and Sanaboina, S. P. (2024) Intrusion Detection System Using Generative
Unique Adversarial Neural Network in cloud Environment,2024 Ninth International Conference on Science Technology Engineering and Mathematics (ICONSTEM), Chennai, India, 2024, pp. 1-5, doi: 10.1109/ICONSTEM60960.2024.10568683.
Rana, P., & Batra, I. (2021, April). Detection of attacks in cloud computing environment–a comprehensive review. In 2021 2nd International Conference on Intelligent Engineering and Management (ICIEM) (pp. 496-499). IEEE.
Shafiq, D. A., Jhanjhi, N. Z., & Abdullah, A. (2022). Load balancing techniques in cloud computing environment: A review. Journal of King Saud University-Computer and Information Sciences, 34(7), 3910-3933.
Shamshirband, S., Fathi, M., Chronopoulos, A. T., Montieri, A., Palumbo, F., & Pescapè, A. (2020). Computational intelligence intrusion detection techniques in mobile cloud computing environments: Review, taxonomy, and open research issues. Journal of Information Security and Applications, 55, 102582.
Wang, W., Du, X., Shan, D., Qin, R., & Wang, N. (2020). Cloud intrusion detection method based on stacked contractive auto-encoder and support vector machine. IEEE transactions on cloud computing, 10(3), 1634-1646.
Wang, Y., Meng, W., Li, W., Liu, Z., Liu, Y., & Xue, H. (2019). Adaptive machine learning‐based alarm reduction via edge computing for distributed intrusion detection systems. Concurrency and Computation: Practice and Experience, 31(19), e5101.
Zeeshan A., Khan A., Shiang C., Johari A., and Ahmad F. (2020) “Network Intrusion Detection System: A Systematic Study of Machine Learning and Deep Learning Approaches,” Journal of Transactions on Emerging Telecommunications Technologies, vol. 32, no. 1, pp. 1-29, 2020. DOI:10.1002/ett.4150.