Published in: Cluster Computing 3/2021

02.01.2021

Efficient feature selection and classification through ensemble method for network intrusion detection on cloud computing

Written by: S. Krishnaveni, S. Sivamohan, S. S. Sridhar, S. Prabakaran


Abstract

Cloud computing is a preferred option for organizations around the globe; it offers scalable, internet-based computing resources as a flexible service. Security is a key concern in any cloud solution due to its distributed nature. Security and privacy are major obstacles to the success of the on-demand service, as it is easily vulnerable to intruders and to any kind of attack. A huge upsurge in network traffic has paved the way for security breaches that are more complicated and widespread. Traditional intrusion detection systems (IDS) have become inefficient at tackling these attacks. In this research, we developed an efficient intrusion detection system (IDS) for the cloud environment using ensemble feature selection and classification techniques. The proposed method relies on a univariate ensemble feature selection technique, which is used to select valuable reduced feature sets from the given intrusion datasets, while the ensemble classifier competently fuses the single classifiers into a robust classifier using the voting technique. The proposed ensemble-based method effectively classifies whether network traffic behavior is normal or an attack. The proposed method was evaluated using various performance evaluation metrics and ROC-AUC ("area under the receiver operating characteristic curves") across various classifiers. The proposed methodology achieved a considerable performance enhancement compared with other existing methods. Moreover, we performed a pairwise t test and proved that the performance of the proposed method was statistically significantly different from other existing approaches. Finally, the outcome of this investigation was obtained with the best accuracy and lowest false alarm rate (FAR).

Metadata
Title
Efficient feature selection and classification through ensemble method for network intrusion detection on cloud computing
Written by
S. Krishnaveni
S. Sivamohan
S. S. Sridhar
S. Prabakaran
Publication date
02.01.2021
Publisher
Springer US
Published in
Cluster Computing / Issue 3/2021
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI
https://doi.org/10.1007/s10586-020-03222-y
