Top

Wireless Personal Communications

Published in:

25-10-2022

HIDM: A Hybrid Intrusion Detection Model for Cloud Based Systems

Authors: Lalit Kumar Vashishtha, Akhil Pratap Singh, Kakali Chatterjee

Published in: Wireless Personal Communications | Issue 4/2023

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The cloud computing model is very popular among the users in different sectors like banking, healthcare, education etc due to its customized low-cost services with high level reliability with efficiency. Since the cloud services are accessed through the internet by various types of users, therefore the security is a major concern in cloud based system. Network attackers can cause damage to the system through intrusive acts such as denial of service attack, backdoor channel attack etc. One strategy to stop this kind of attack and safeguard the system is to use intrusion detection model. Most of the intrusion detection models can only identify known attacks with less efficiency. But most of them are unable to detect unknown attacks which are apparently new and recycled threats. Thus a network intrusion detection model is required in cloud based systems that can identify known as well as unknown attacks. In this research work, a hybrid intrusion detection model has been introduced for cloud based systems which can uses signature based detection as well as anomaly based detection in a combined way to detect all types of attack. The experiments are performed on UNSW-NB15, CICIDS2017 and NSL-KDD datasets to get the model performance and found that it has high detection rate 92.7% on UNSW-NB15, 85.1% on CICIDS dataset and 99.8% on NSL-KDD dataset. The comparative analysis of the proposed model shows that the model performance is better than some existing models.

previous article A Random Waypoint Model for Route Avoidance with Zone Routing Protocol in Wireless Sensor Network

next article A 3.5 GHz Class-F Power Amplifier Designs Using Current-Reused Technology for 5G Application

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Singh, A., & Chatterjee, K. (2017). Cloud security issues and challenges: A survey. Journal of Network and Computer Applications, 79, 88–115.CrossRef

Mell, P., Grance, T., et al. (2011). The nist definition of cloud computing. Recommendations of the National Institute of Standards and Technology.

Sharma, P., Sengupta, J., & Suri, P. (2019). Survey of intrusion detection techniques and architectures in cloud computing. International Journal of High Performance Computing and Networking, 13(2), 184–198.CrossRef

Yadav, R. M. (2019). Effective analysis of malware detection in cloud computing. Computers & Security, 83, 14–21.CrossRef

Bace, R., & Mell, P. (2001). Nist special publication on intrusion detection systems. Technical report, Booz-allen and Hamilton Inc MCLEAN VA.

Alam, S., Shuaib, M., & Samad, A. (2019). A collaborative study of intrusion detection and prevention techniques in cloud computing. In International Conference on Innovative Computing and Communications (pp. 231–240). Springer.

Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in cloud. Journal of Network and Computer Applications, 36(1), 42–57.CrossRef

Bakshi, A., & Dujodwala, Y. B. (2010). Securing cloud from ddos attacks using intrusion detection system in virtual machine. In 2010 Second International Conference on Communication Software and Networks (pp. 260–264). IEEE.

Schapire, R. E. (2003). The boosting approach to machine learning: An overview. Nonlinear Estimation and Classification, 149–171.

10.

Li, Y., Xia, J., Zhang, S., Yan, J., Ai, X., & Dai, K. (2012). An efficient intrusion detection system based on support vector machines and gradually feature removal method. Expert Systems with Applications, 39(1), 424–430.CrossRef

11.

Roschke, S., Cheng, F., & Meinel, C. (2009). An extensible and virtualization-compatible ids management architecture. In 2009 Fifth International Conference on Information Assurance and Security (Vol. 2, pp. 130–134). IEEE.

12.

Toosi, A. N., & Kahani, M. (2007). A new approach to intrusion detection based on an evolutionary soft computing model using neuro-fuzzy classifiers. Computer Communications, 30(10), 2201–2212.CrossRef

13.

Aljawarneh, S., Aldwairi, M., & Yassein, M. B. (2018). Anomaly-based intrusion detection system through feature selection analysis and building hybrid efficient model. Journal of Computational Science, 25, 152–160.CrossRef

14.

Hoque, M.S., Mukit, M., Bikas, M., Naser, A., et al. (2012). An implementation of intrusion detection system using genetic algorithm. arXiv preprint arXiv:1204.1336

15.

Subramanian, U., & Ong, H. S. (2014). Analysis of the effect of clustering the training data in Naive Bayes classifier for anomaly network intrusion detection. Journal of Advances in Computer Networks, 2(1), 85–88.CrossRef

16.

Zhengbing, H., Jun, S., & Shirochin, V. (2007). An intelligent lightweight intrusion detection system with forensics technique. In 2007 4th IEEE Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (pp. 647–651). IEEE.

17.

Ibrahim, L. M. (2010). Anomaly network intrusion detection system based on distributed time-delay neural network (dtdnn). Journal of Engineering Science and Technology, 5(4), 457–471.

18.

Chen, W.-H., Hsu, S.-H., & Shen, H.-P. (2005). Application of svm and ann for intrusion detection. Computers & Operations Research, 32(10), 2617–2634.MATHCrossRef

19.

Hajimirzaei, B., & Navimipour, N. J. (2019). Intrusion detection for cloud computing using neural networks and artificial bee colony optimization algorithm. Ict Express, 5(1), 56–59.CrossRef

20.

Horng, S.-J., Su, M.-Y., Chen, Y.-H., Kao, T.-W., Chen, R.-J., Lai, J.-L., & Perkasa, C. D. (2011). A novel intrusion detection system based on hierarchical clustering and support vector machines. Expert Systems with Applications, 38(1), 306–313.CrossRef

21.

Tillapart, P., Yeophantong, T., Jirapun, D., & Nongpong, K. (2015). Thanachai thumthawatworn. In International Conference on Electrical Engineering/Electronics.

22.

Manzoor, I., Kumar, N., et al. (2017). A feature reduced intrusion detection system using ann classifier. Expert Systems with Applications, 88, 249–257.CrossRef

23.

Dovom, E. M., Azmoodeh, A., Dehghantanha, A., Newton, D. E., Parizi, R. M., & Karimipour, H. (2019). Fuzzy pattern tree for edge malware detection and categorization in iot. Journal of Systems Architecture, 97, 1–7.CrossRef

24.

Hassan, M. M. M. (2013). Network intrusion detection system using genetic algorithm and fuzzy logic. International Journal of Innovative Research in Computer and Communication Engineering, 1(7).

25.

Raja, S., & Ramaiah, S. (2017). An efficient fuzzy-based hybrid system to cloud intrusion detection. International Journal of Fuzzy Systems, 19(1), 62–77.CrossRef

26.

Stolfo, S., et al. (2002). The third international knowledge discovery and data mining tools competition. The University of California.

27.

Keegan, N., Ji, S.-Y., Chaudhary, A., Concolato, C., Yu, B., & Jeong, D. H. (2016). A survey of cloud-based network intrusion detection analysis. Human-centric Computing and Information Sciences, 6(1), 1–16.CrossRef

28.

Hamad, H. M., & Al-Hoby, M. (2012). Managing intrusion detection as a service in cloud networks. International Journal of Computer Applications, 41(1).

29.

Xuren, W., Famei, H., & Rongsheng, X. (2006). Modeling intrusion detection system by discovering association rule in rough set theory framework. In 2006 International Conference on Computational Inteligence for Modelling Control and Automation and International Conference on Intelligent Agents Web Technologies and International Commerce (CIMCA’06) (pp. 24–24). IEEE.

30.

Raman, M. G., Somu, N., Kirthivasan, K., Liscano, R., & Sriram, V. S. (2017). An efficient intrusion detection system based on hypergraph-genetic algorithm for parameter optimization and feature selection in support vector machine. Knowledge-Based Systems, 134, 1–12.CrossRef

31.

Houmansadr, A., Zonouz, S. A., & Berthier, R. (2011). A cloud-based intrusion detection and response system for mobile phones. In 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W) (pp. 31–32). IEEE.

32.

Li, H., & Liu, D. (2010). Research on intelligent intrusion prevention system based on snort. In 2010 International Conference on Computer, Mechatronics, Control and Electronic Engineering (Vol. 1, pp. 251–253). IEEE.

33.

Li, L., Yang, D.-Z., & Shen, F.-C. (2010). A novel rule-based intrusion detection system using data mining. In 2010 3rd International Conference on Computer Science and Information Technology (Vol. 6, pp. 169–172). IEEE.

34.

Shirazi, H. M. (2010). An intelligent intrusion detection system using genetic algorithms and features selection. Majlesi Journal of Electrical Engineering, 4(1).

35.

Vieira, K., Schulter, A., Westphall, C., & Westphall, C. (2009). Intrusion detection for grid and cloud computing. It Professional, 12(4), 38–43.CrossRef

36.

Xia, T., Qu, G., Hariri, S., & Yousif, M. (2005). An efficient network intrusion detection method based on information theory and genetic algorithm. In PCCC 2005. 24th IEEE International Performance, Computing, and Communications Conference, 2005 (pp. 11–17). IEEE.

37.

Botha, M., Von Solms, R., Perry, K., Loubser, E., & Yamoyany, G. (2002). The utilization of artificial intelligence in a hybrid intrusion detection system. In Proceedings of the 2002 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists on Enablement Through Technology (pp. 149–155).

38.

Bhushan, K., & Gupta, B. B. (2019). Distributed denial of service (ddos) attack mitigation in software defined network (sdn)-based cloud computing environment. Journal of Ambient Intelligence and Humanized Computing, 10(5), 1985–1997.CrossRef

39.

Pillutla, H., & Arjunan, A. (2019). Fuzzy self organizing maps-based ddos mitigation mechanism for software defined networking in cloud computing. Journal of Ambient Intelligence and Humanized Computing, 10(4), 1547–1559.CrossRef

40.

Idhammad, M., Afdel, K., & Belouch, M. (2018). Distributed intrusion detection system for cloud environments based on data mining techniques. Procedia Computer Science, 127, 35–41.CrossRef

41.

Lo, C.-C., Huang, C.-C., & Ku, J. (2010). A cooperative intrusion detection system framework for cloud computing networks. In 2010 39th International Conference on Parallel Processing Workshops (pp. 280–284). IEEE.

42.

Anitha, E., & Malliga, S. (2013). A packet marking approach to protect cloud environment against ddos attacks. In 2013 International Conference on Information Communication and Embedded Systems (ICICES) (pp. 367–370). IEEE.

43.

Delkesh, T., & Jabraeil Jamali, M. A. (2019). Eaodv: Detection and removal of multiple black hole attacks through sending forged packets in manets. Journal of Ambient Intelligence and Humanized Computing, 10(5), 1897–1914.CrossRef

44.

Sheltami, T., Basabaa, A., & Shakshuki, E. (2014). A3acks: Adaptive three acknowledgments intrusion detection system for manets. Journal of Ambient Intelligence and Humanized Computing, 5(4), 611–620.CrossRef

45.

Colom, J. F., Gil, D., Mora, H., Volckaert, B., & Jimeno, A. M. (2018). Scheduling framework for distributed intrusion detection systems over heterogeneous network architectures. Journal of Network and Computer Applications, 108, 76–86.CrossRef

46.

Kozik, R., Choraś, M., Ficco, M., & Palmieri, F. (2018). A scalable distributed machine learning approach for attack detection in edge computing environments. Journal of Parallel and Distributed Computing, 119, 18–26.CrossRef

47.

Son, J., & Buyya, R. (2019). Latency-aware virtualized network function provisioning for distributed edge clouds. Journal of Systems and Software, 152, 24–31.CrossRef

48.

Wang, Y., Meng, W., Li, W., Liu, Z., Liu, Y., & Xue, H. (2019). Adaptive machine learning-based alarm reduction via edge computing for distributed intrusion detection systems. Concurrency and Computation: Practice and Experience, 31(19), 5101.CrossRef

49.

Gao, Y., Liu, Y., Jin, Y., Chen, J., & Wu, H. (2018). A novel semi-supervised learning approach for network intrusion detection on cloud-based robotic system. IEEE Access, 6, 50927–50938.CrossRef

50.

Hatef, M. A., Shaker, V., Jabbarpour, M. R., Jung, J., & Zarrabi, H. (2018). Hidcc: A hybrid intrusion detection approach in cloud computing. Concurrency and Computation: Practice and Experience, 30(3), 4171.CrossRef

51.

Xu, X. (2006). Adaptive intrusion detection based on machine learning: feature extraction, classifier construction and sequential pattern prediction. International Journal of Web Services Practices, 2(1–2), 49–58.

52.

Mazzariello, C., Bifulco, R., & Canonico, R. (2010). Integrating a network ids into an open source cloud computing environment. In 2010 Sixth International Conference on Information Assurance and Security (pp. 265–270). IEEE.

53.

Park, S.-T., Li, G., & Hong, J.-C. (2020). A study on smart factory-based ambient intelligence context-aware intrusion detection system using machine learning. Journal of Ambient Intelligence and Humanized Computing, 11(4), 1405–1412.CrossRef

54.

Stevanovic, M., & Pedersen, J. M. (2014). An efficient flow-based botnet detection using supervised machine learning. In 2014 International Conference on Computing, Networking and Communications (ICNC) (pp. 797–801). IEEE.

55.

Chen, T., Zhang, X., Jin, S., & Kim, O. (2014). Efficient classification using parallel and scalable compressed model and its application on intrusion detection. Expert Systems with Applications, 41(13), 5972–5983.CrossRef

56.

Kim, H., Kim, J., Kim, I., & Chung, T.-m. (2015). Behavior-based anomaly detection on big data. Australian Information Security Management Conference.

57.

Albayati, M., & Issac, B. (2015). Analysis of intelligent classifiers and enhancing the detection accuracy for intrusion detection system. International Journal of Computational Intelligence Systems, 8(5), 841–853.CrossRef

58.

Papamartzivanos, D., Mármol, F. G., & Kambourakis, G. (2018). Dendron: Genetic trees driven rule induction for network intrusion detection systems. Future Generation Computer Systems, 79, 558–574.CrossRef

59.

Abbasi, A., Wetzels, J., Bokslag, W., Zambon, E., & Etalle, S. (2014). On emulation-based network intrusion detection systems. In International Workshop on Recent Advances in Intrusion Detection (pp. 384–404). Springer.

60.

Panda, M., Abraham, A., & Patra, M. R. (2010). Discriminative multinomial naive bayes for network intrusion detection. In 2010 Sixth International Conference on Information Assurance and Security (pp. 5–10). IEEE.

61.

Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J., & Alazab, A. (2020). Hybrid intrusion detection system based on the stacking ensemble of c5 decision tree classifier and one class support vector machine. Electronics, 9(1), 173.CrossRef

62.

Kim, G., Lee, S., & Kim, S. (2014). A novel hybrid intrusion detection method integrating anomaly detection with misuse detection. Expert Systems with Applications, 41(4), 1690–1700.MathSciNetCrossRef

63.

Al-Yaseen, W. L., Othman, Z. A., & Nazri, M. Z. A. (2017). Multi-level hybrid support vector machine and extreme learning machine based on modified k-means for intrusion detection system. Expert Systems with Applications, 67, 296–303.CrossRef

64.

VivinSandar, S., & Shenai, S. (2012). Economic denial of sustainability (edos) in cloud services using http and xml based ddos attacks. International Journal of Computer Applications, 41(20).

65.

Ahmed, M., Mahmood, A. N., & Hu, J. (2016). A survey of network anomaly detection techniques. Journal of Network and Computer Applications, 60, 19–31.CrossRef

66.

Lippmann, R., Haines, J. W., Fried, D. J., Korba, J., & Das, K. (2000). The 1999 darpa off-line intrusion detection evaluation. Computer networks, 34(4), 579–595.CrossRef

67.

Bolon-Canedo, V., Sanchez-Marono, N., & Alonso-Betanzos, A. (2011). Feature selection and classification in multiple class datasets: An application to kdd cup 99 dataset. Expert Systems with Applications, 38(5), 5947–5957.CrossRef

68.

https://www.unb.ca/cic/datasets/nsl.html

69.

Moustafa, N., & Slay, J. (2015). Unsw-nb15: a comprehensive data set for network intrusion detection systems (unsw-nb15 network data set). In 2015 Military Communications and Information Systems Conference (MilCIS) (pp. 1–6). IEEE.

70.

https://www.unb.ca/cic/datasets/ids-2017.html

71.

https://www.ll.mit.edu/r-d/datasets/1998-darpa-intrusion-detection-evaluation-dataset

72.

Samriya, J. K., Tiwari, R., Cheng, X., Singh, R. K., Shankar, A., & Kumar, M. (2022). Network intrusion detection using aco-dnn model with dvfs based energy optimization in cloud framework. Sustainable Computing: Informatics and Systems, 35, 100746.

73.

Balamurugan, E., Mehbodniya, A., Kariri, E., Yadav, K., Kumar, A., & Haq, M. A. (2022). Network optimization using defender system in cloud computing security based intrusion detection system withgame theory deep neural network (idsgt-dnn). Pattern Recognition Letters, 156, 142–151.CrossRef

74.

Sahu, S. K., Katiyar, A., Kumari, K. M., Kumar, G., & Mohapatra, D. P. (2019). An svm-based ensemble approach for intrusion detection. International Journal of Information Technology and Web Engineering (IJITWE), 14(1), 66–84.CrossRef

75.

Sahu, S. K., Mohapatra, D. P., Rout, J. K., Sahoo, K. S., & Luhach, A. K. (2021). An ensemble-based scalable approach for intrusion detection using big data framework. Big Data, 9(4), 303–321.CrossRef

76.

Singh, A., Chatterjee, K., & Satapathy, S.C. (2021). An edge based hybrid intrusion detection framework for mobile edge computing. Complex & Intelligent Systems, 1–28.

77.

Moustafa, N., & Slay, J. (2016). The evaluation of network anomaly detection systems: Statistical analysis of the unsw-nb15 data set and the comparison with the kdd99 data set. Information Security Journal: A Global Perspective, 25(1–3), 18–31.

78.

Kumar, V., Das, A. K., & Sinha, D. (2021). Uids: A unified intrusion detection system for iot environment. Evolutionary Intelligence, 14(1), 47–59.CrossRef

79.

Mao, B., Kawamoto, Y., & Kato, N. (2020). Ai-based joint optimization of qos and security for 6g energy harvesting internet of things. IEEE Internet of Things Journal, 7(8), 7032–7042.CrossRef

80.

Li, Y., Li, F., Yang, S., Chen, H., Zhang, Q., Wu, Y., & Wang, Y. (2019). Ptasim: Incentivizing crowdsensing with poi-tagging cooperation over edge clouds. IEEE Transactions on Industrial Informatics, 16(7), 4823–4831.CrossRef

81.

Artur, M. (2021). Review the performance of the bernoulli naïve bayes classifier in intrusion detection systems using recursive feature elimination with cross-validated selection of the best number of features. Procedia Computer Science, 190, 564–570.CrossRef

Title: HIDM: A Hybrid Intrusion Detection Model for Cloud Based Systems
Authors: Lalit Kumar Vashishtha
Akhil Pratap Singh
Kakali Chatterjee
Publication date: 25-10-2022
Publisher: Springer US
Published in: Wireless Personal Communications / Issue 4/2023
Print ISSN: 0929-6212
Electronic ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-022-10063-y

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 4/2023

An Efficient Real-Time Embedded Application Mapping for NoC Based Multiprocessor System on Chip

Energy-Efficient Compressive Sensing Based Data Gathering and Scheduling in Wireless Sensor Networks

A Study on Different Deep Learning Algorithms Used in Deep Neural Nets: MLP SOM and DBN

Efficient MFR Scheduler Algorithm for OFDMA Cellular System

High Isolation Compact UWB MIMO Antennas

COSFI-RIMAC: A Cooperative Short Frame Identifier Receiver Initiated MAC Protocol for Wireless Sensor Network