Optimization of Deep Generative Intrusion Detection System for Cloud Computing: Challenges and Scope for Improvements

Nitin Wankhade; Anand Khandare

doi:10.4108/eetsis.3993

Authors

Nitin Wankhade Thakur College of Engineering and Technology
Anand Khandare Thakur College of Engineering and Technology

DOI:

https://doi.org/10.4108/eetsis.3993

Keywords:

Cloud Intrusion detection system, Data Imbalance, Machine Learning, Ensemble methods

Abstract

The large amount of data and its exponential increase result in security problems which subsequently cause damage to cloud computing and its environments. The Intrusion detection system (IDS) is among the systems that monitor and analyse data for malicious attacks in the cloud environment. High volume, high redundancy, and high dimensionality of network traffic in cloud computing make it difficult to detect attacks by contemporary techniques. To improve the performance of IDS features selection and data imbalance issues need to be resolved. This paper includes techniques and surveys of cloud-based IDS with ML techniques and IDS performance on the different types of cloud-based datasets. It also analyses the gaps and scope for enhancement of evaluation parameters of IDS. It provides a cloud-based IDS system which will produce a good performance result as compared to the other contemporary system. Moreover, this paper offers a current overview of cloud-based IDS, Data imbalance technique, Dataset and proposed cloud IDS system architecture.

References

Gao Jun, and Gan Luyun Omni. SCADA intrusion detection using deep learning algorithms. IEEE Internet Things. 2021;8(2): 951–961.

Marteau F P. Random partitioning forest for point-wise and collective anomaly detection application to network intrusion detection. IEEE Trans. Inf. Forensics Security. 2021;16: 2157-2172.

Zhou X, Liang W, Shimizu S, Ma J, and Jin Q Siamese. neural network based few-shot learning for anomaly detection in industrial cyber-physical systems. IEEE Trans. Ind. In form. 2021; 17(8): 5790-5798.

Xu X, Li J, Yang Y, and F. Shen.Toward effective intrusion detection using log-cosh conditional variational autoencoder. IEEE Internet Things Journal. 2021; 8(8): 6187-6196.

Shafiq M, Tian Z, Bashir K A, Du X, and Guizani M. CorrAUC: A malicious Bot-IoT traffic detection method in IoT network using machine-learning techniques. IEEE Internet of Things. 2021; 8(5): 3242-3254.

Injadat M, Moubayed A, Nassif B A, and Shami. Multi-stage optimized machine learning framework for network intrusion detection. IEEE Trans. Netw. Service Manag. 2021;18(2): 1803-1816.

Shin S and Gu, G Cloud Watcher. Network security monitoring using Open Flow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?). Proc. IEEE Int. Conf. Netw. Protoc. 2012; 1-6.

Chung J. C., Khatkar P., Xing T., Lee J., and Huang D. NICE: Network intrusion detection and countermeasure selection in virtual network systems. IEEE Trans. Depend. Secure Computer. 2013;10(4): 198-211.

Xing T, Xiong Z, Huang D, and Medhi D. SDNIPS: Enabling software-defined networking-based intrusion prevention system in clouds. in Proc. Int. Conf. Netw. Serv. Manage. Workshop. 2014; 308-311.

Viegas E, Santin O A and Abreu V. Machine learning intrusion detection in big dataera: A multi-objective approach for longer model lifespans. IEEE Trans. Netw. Sci. Eng. 2021;8(1): 366-376.

Ning Z. Block chain-enabled intelligent transportation systems A distributed crowdsensing framework. IEEE Trans. Mobile Computing.2021; 21(12): 4201-4217.

Ning Z and Shouming Sun. Intelligent resource allocation in mobile blockchain for privacy and security transactions: A deep reinforcement learning based approach. Sci. China Inf. Sci.2021; 64: 162303.

Du Wenjuan Wang Xuehui, Shan Dibin, Qin Ruoxi, and Wang Na.Cloud Intrusion Detection Method Based on Stacked Contractive Auto-Encoder and Support Vector Machine. IEEE Transaction On Cloud Computing. 2022;10(3): 1634-1646.

Khader S. A., Lai D., Li Y, and Diykh M. An efficient DDoS TCP flood attack detection and prevention system in a cloud environment. IEEE Access. 2017;5: 6036–6048.

Wu Y, Nie L, Wang S, Ning Z and Li S. Intelligent intrusion detection for Internet of things security: a deep convolutional generative adversarial network-enabled approach. IEEE Tran. IEEE Internet of Things Journal. 2023;10(4): 3094-3106.

Chauhan M and Hasbullah H. Adaptive detection technique for cache-based side channel attack using bloom filter for secure cloud. In:3rd International Conference on Computer and Information Sciences (ICCOINS). 2016.293–297.

Wang K and Hou Y. Detection method of SQL injection attack in the cloud computing environment. In: IEEE Advanced Information Management, Communicates, Electronic and Automation Control Conference (IMCEC).2016. 487–493.

Nguyen K K, Hoang T D, Niyato D, Wang P, Nguyen N D, and Dutkiewicz E. Cyberattack detection in mobile cloud computing: A deep learning approach. In: IEEE Wireless Communications and Networking Conference, WCNC. 2018. 1–6

Pandeeswari Nand Kumar G. Anomaly detection system in cloud environment using fuzzy clustering based ANN. Mobile Networks and Applications. 2016;21(3): 494- 505.

Dey S, Qiang Y, and Srinivas S. A machine learning-based intrusion detection scheme for data fusion in mobile clouds involving heterogeneous client networks. Information Fusion. 2019;49: 205-215.

Kiranmai B and Damodaram A and Extenuate. DDoS attacks in the cloud. In: 2nd International Conference on Applied and Theoretical Computing and Communication Technology (iCATccT). 2016. 235–238.

Nadeem M, Arshad A, Riaz S, Band S S and Mosavi 2021 A: Intercept the Cloud Network from Brute Force and DDoS Attacks via Intrusion Detection and Prevention System. In IEEE Access. 2021; 9: 152300-152309.

Zhang Z, Wen J, Zhang J, Cai X and Xie L A Many Objective-Based Feature Selection Model for Anomaly Detection in Cloud Environment. IEEE Access. 2020; 8:60218-60231.

Zhang Y and Wang D. A cost-sensitive ensemble method for class-imbalanced datasets. Abstract and Applied Analysis. 2013;215-225.

Kong X Li, Lu Z, Wenyin L, and Yin J. Boosting weighted ELM for imbalanced learning. Neurocomputing. 2014;128: 15–21.

Pozzolo D A, Caelen O, Waterschoot S, and Bontempi G. Cost awarepertaining for multiclass cost-sensitive deep learning. In: Proceedings of the Twenty-Fifth International Joint Conference on Artificial Intelligence. 2016.1411–1417.

Wang S, Liu W, Wu J, Cao L, Meng Q, and Kennedy J P. Training deep neural networks on imbalanced data sets. In;IEEE International Joint Conference on Neural Networks, IJCNN. 2016.4368–4374.

Raj V, Magg S, and Wermter S. Towards the effective classification of imbalanced data with convolutional neural networks. In: Artificial Neural Networks in Pattern Recognition - 7th IAPR TC3Workshop. 2016.150–162.

Pozzolo D A, Caelen O, Waterschoot S, and Bontempi G. Racing for unbalanced methodsselection. In: Proceedings of Intelligent Data Engineering and Automated Learning – IDEAL 2013 - 14th International Conference. 2013. 8206: 24–31.

Drummond C and Holte C R. C4.5, class imbalance, and cost sensitivity: Why under-sampling beats oversampling. In: Proceedings of the ICML’03 Workshop on Learning from Imbalanced Datasets. 2003.1–8.

Chawla V N, Bowyer W K, and Hall O L. SMOTE: synthetic minority over-sampling technique. Journal of Artificial Intelligence Research. 2002;16: 321–357.

Y W Han Wang and Mao B H. Borderline-SMOTE: A new oversampling method in imbalanced data sets learning. In: Proc. Int. Conf.Intell. Computer. 2005.878-887.

Nguyen M H, Cooper W E and Kamei K. 2011 Borderline oversampling for imbalanced data classification. International Journal of Knowledge Engineering and Soft Data Paradigms. 2011;3(1): 4–21.

Batista E. G., Prati C. R., and Monard C. M. A study of the behaviours of several methods for balancing machine learning training data. ACMSIGKDD Explore. 2004; 6(1): 20-29

Liu X BC, Wu J and Zhou Z. Exploratory under sampling for class imbalance learning. IEEE Transaction Systems, Man, and Cybernetics. 2009; 39(2):539–550.

Namvar A Siami M and Rabhi F. Credit risk prediction in an imbalanced social lending environment. International Journal of Computational Intelligence Systems. 2018; 11(1):925–935.

37. Kumar R, Lal P S, and Sharma. Detecting denial of service attacks in the cloud. In: 2016 IEEE 14th International Conference on Dependable, Autonomic and Secure Computing. 2016.309–316.

Nsl-kdd dataset [online], http://nsl.cs.unb.ca/NSL-KDD/, accessed:2018-04-10.

Moustafa N and Slay J. Unsw-nb15: a comprehensive data set for network intrusion detection systems (unsw-nb15 network data set). In: Military Communications and Information Systems Conference (MilCIS). IEEE. 2015. 1–6.

40. M S. Garc´ıa Grill and Stiborek J. An empirical comparison of botnet detection methods. Computers & Security.2014; 45:100–123

Odena A, Olah C, and Shlens J. Conditional image synthesis with auxiliary classifier gains. In: Proceedings of the 34th International Conference on Machine Learning, ICML. 2017.2642–2651.

Sohn K, Lee H and Yan X. Learning structured output representation using deep conditional generative models. Advances in Neural Information Processing Systems. 2015;1: 3483– 3491.

A. Makhzani, J. Shlens, N. Jaitly. Ad- adversarial AutoEncoders,” arXiv preprint arXiv: 2015.1511.05644.

Ly Vu, Nguyen Uy Quang, Nguyen N Diep, Hoang Thai Dinh and Dutkiewicz Ery. Deep generative learning models for cloud intrusion detection systems. IEEE Transactions on Cybernetics. 2022; 53(1): 565-577.

Okey O D, Melgarejo D C and Saadi M. Transfer Learning Approach to IDS on Cloud IoT Devices Using Optimized CNN. IEEE Access. 2023;11: 1023-1038.

Mishra P, AggarwalPalak, Vidyarthi Ankit, Singh Pawan, Khan Baseem, Alhelou Hassan Haes et al. VMShield: Memory Introspection-Based Malware Detection to Secure Cloud-Based Services Against Stealthy Attacks. IEEE Transactions on Industrial Informatics. 2021;17(10): 6754-6764.