Collaborative anomaly detection framework for handling big data of cloud computing

Moustafa, Nour; Creech, Gideon; Sitnikova, Elena; Keshk, Marwa

doi:10.1109/milcis.2017.8190421

Cited by 51 publications

(29 citation statements)

References 18 publications

(41 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…While IoT technologies play a vital part in improving real-life smart systems, like smart cities, smart homes, smart healthcare, the large scale and ubiquitous nature of IoT systems has introduced new security challenges [5][6][7]. Furthermore, since IoT devices generally work in an unattended environment, an attacker may physically access these devices with malicious intent [8,9]. Also, because IoT devices are connected usually over wireless networks, eavesdropping can be used to access private information from a communication channel [10,11].…”

Section: Motivationmentioning

confidence: 99%

A Review of Intrusion Detection Systems Using Machine and Deep Learning in Internet of Things: Challenges, Solutions and Future Directions

et al. 2020

Self Cite

View full text Add to dashboard Cite

The Internet of Things (IoT) is poised to impact several aspects of our lives with its fast proliferation in many areas such as wearable devices, smart sensors and home appliances. IoT devices are characterized by their connectivity, pervasiveness and limited processing capability. The number of IoT devices in the world is increasing rapidly and it is expected that there will be 50 billion devices connected to the Internet by the end of the year 2020. This explosion of IoT devices, which can be easily increased compared to desktop computers, has led to a spike in IoT-based cyber-attack incidents. To alleviate this challenge, there is a requirement to develop new techniques for detecting attacks initiated from compromised IoT devices. Machine and deep learning techniques are in this context the most appropriate detective control approach against attacks generated from IoT devices. This study aims to present a comprehensive review of IoT systems-related technologies, protocols, architecture and threats emerging from compromised IoT devices along with providing an overview of intrusion detection models. This work also covers the analysis of various machine learning and deep learning-based techniques suitable to detect IoT systems related to cyber-attacks.

show abstract

Section: Motivationmentioning

confidence: 99%

A Review of Intrusion Detection Systems Using Machine and Deep Learning in Internet of Things: Challenges, Solutions and Future Directions

et al. 2020

Self Cite

View full text Add to dashboard Cite

show abstract

“…So, the real attacks can slip through false reports or be ignored. Collaborative anomaly detection framework (CADF) [24] comprises capturing and logging network data, preprocessing it to be handled at the decision engine sensor using the Gaussian Mixture Model (GMM) and interquartile range for identifying abnormal patterns. Moreover, the architecture for deploying this framework as Software as a Service (SaaS) is produced to be easily installed in cloud computing systems.…”

Section: B Network Intrusion Detection Systemsmentioning

confidence: 99%

TIDCS: A Dynamic Intrusion Detection and Classification System Based Feature Selection

et al. 2020

View full text Add to dashboard Cite

Machine learning techniques are becoming mainstream in intrusion detection systems as they allow real-time response and have the ability to learn and adapt. By using a comprehensive dataset with multiple attack types, a well-trained model can be created to improve the anomaly detection performance. However, high dimensional data present a significant challenge for machine learning techniques. Processing similar features that provide redundant information increases the computational time, which is a critical problem especially for users with constrained resources (battery, energy). In this paper, we propose two models for intrusion detection and classification scheme Trust-based Intrusion Detection and Classification System (TIDCS) and Trust-based Intrusion Detection and Classification System-Accelerated (TIDCS-A) for secure network. TIDCS reduces the number of features in the input data based on a new algorithm for feature selection. Initially, the features are grouped randomly to increase the probability of making them participating in the generation of different groups, and sorted based on their accuracy scores. Only the high ranked features are then selected to obtain a classification for any received packet from the nodes in the network, which is saved as part of the node's past performance. TIDCS proposes a periodic system cleansing where trust relationships between participant nodes are evaluated and renewed periodically. TIDCS-A proposes a dynamic algorithm to compute the exact time for nodes cleansing states and restricts the exposure window of the nodes. The final classification decision for both models is estimated by incorporating the node's past behavior with the machine learning algorithm. Any detected attack reduces the trustworthiness of the nodes involved, leading to a dynamic system cleansing. An evaluation of TIDCS and TIDCS-A using the NSL-KDD and UNSW datasets shows that both models can detect malicious behaviors providing higher accuracy, detection rates, and lower false alarm than state-of-art techniques. For instance, for UNSW dataset, the accuracy detection is 91% for TICDS, 83.47%by using online AODE, 88% for CADF, 90% for EDM, 90% for TANN and 69.6% for NB. Consequently, TICDS has better performance than the state of art techniques in terms of accuracy detection, while providing good detection and false alarm rates.

show abstract

“…The SVM classifier's accuracy increased to 92.32% The GBT achieved higher classifier's accuracy to 93.13%.There is increase in Precision and Recall of all algorithms with DFEL. Moustafa et al [36] proposed a Collaborative Anomaly Detection Framework (CADF) for detecting cyber-attacks on big data of cloud computing environments. They provided the technical functions and the way of deployment of this proposed framework for these environments.…”

Section: International Journal Of Engineering and Advanced Technologymentioning

confidence: 99%

Unsw-Nb15 Dataset and Machine Learning Based Intrusion Detection Systems

Sonule¹,

Kalla²,

Jain³

et al. 2020

IJEAT

View full text Add to dashboard Cite

The network attacks become the most important security problems in the today’s world. There is a high increase in use of computers, mobiles, sensors,IoTs in networks, Big Data, Web Application/Server,Clouds and other computing resources. With the high increase in network traffic, hackers and malicious users are planning new ways of network intrusions. Many techniques have been developed to detect these intrusions which are based on data mining and machine learning methods. Machine learning algorithms intend to detect anomalies using supervised and unsupervised approaches.Both the detection techniques have been implemented using IDS datasets like DARPA98, KDDCUP99, NSL-KDD, ISCX, ISOT.UNSW-NB15 is the latest dataset. This data set contains nine different modern attack types and wide varieties of real normal activities. In this paper, a detailed survey of various machine learning based techniques applied on UNSW-NB15 data set have been carried out and suggested thatUNSW-NB15 is more complex than other datasets and is assumed as a new benchmark data set for evaluating NIDSs.

show abstract

Collaborative anomaly detection framework for handling big data of cloud computing

Cited by 51 publications

References 18 publications

A Review of Intrusion Detection Systems Using Machine and Deep Learning in Internet of Things: Challenges, Solutions and Future Directions

A Review of Intrusion Detection Systems Using Machine and Deep Learning in Internet of Things: Challenges, Solutions and Future Directions

TIDCS: A Dynamic Intrusion Detection and Classification System Based Feature Selection

Unsw-Nb15 Dataset and Machine Learning Based Intrusion Detection Systems

Contact Info

Product

Resources

About