HIDCC: A hybrid intrusion detection approach in cloud computing

Hatef, Mohammad Amin; Shaker, Vahid; Jabbarpour, Mohammad Reza; Jung, Jason J.; Zarrabi, Houman

doi:10.1002/cpe.4171

Cited by 38 publications

(22 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For both datasets, the proposed GWO-BES-DSAE NIDS model is reporting higher accuracy than other existing approaches, as depicted in Table 8. As depicted in Table 8 the FAR of the proposed NIDS model is higher than DT-EnSVM (Gu et al 2019) but lower than HIDCC (Hatef et al 2018) for the NSL-KDD dataset. Table 8 depicts that the FAR of the proposed NIDS model on the UNSW-NB15 dataset is lower than RB-IDS (Kumar et al 2019) and HLDNS (Patil, Dudeja, and Modi 2019).…”

Section: Analysis and Discussion Of Resultsmentioning

confidence: 91%

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

Keserwani

Govil

Pilli

et al. 2021

International Journal of Digital Crime and Forensics

View full text Add to dashboard Cite

In this modern era, due to demand for cloud environments in business, the size, complexity, and chance of attacks to virtual cloud network (VCN) are increased. The protection of VCN is required to maintain the faith of the cloud users. Intrusion detection is essential to secure any network. The existing approaches that use the conventional neural network cannot utilize all information for identifying the intrusions. In this paper, the anomaly-based NIDS for VCN is proposed. For feature selection, grey wolf optimization (GWO) is hybridized with a bald eagle search (BES) algorithm. For classification, a deep learning approach - deep sparse auto-encoder (DSAE) is employed. In this way, this paper proposes a NIDS model for VCN named - GWO-DES-DSAE. The proposed system is simulated in the python programming environment. The proposed NIDS model's performance is compared with other recent approaches for both binary and multi-class classification on the considered datasets - NSL-KDD, UNSW-NB15, and CICIDS 2017 and found better than other methods.

show abstract

Section: Analysis and Discussion Of Resultsmentioning

confidence: 91%

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

Keserwani

Govil

Pilli

et al. 2021

International Journal of Digital Crime and Forensics

View full text Add to dashboard Cite

show abstract

“…This integration of the two forms of detection strategies in a ''Hybrid NIDS'' [20] aims to increase the final accuracy of signature-based models for intrusion detection while eliminating the usual high level of false positives of network-based IDS (NIDS) approaches, hence a hybrid approach is embraced by most existing platforms. Other examples of hybrid are Signature-Based Anomaly Detection Scheme (SADS) [21] , Artificial Bee Colony and Artificial Fish Swarm (ABC-AFS) [22], Hybrid Intrusion Detection Approach In Cloud Computing (HIDCC) [23].…”

Section: Detection Methodsmentioning

confidence: 99%

A Review on Feature Selection and Ensemble Techniques for Intrusion Detection System

Torabi¹,

Udzir²,

Abdullah³

et al. 2021

IJACSA

View full text Add to dashboard Cite

Intrusion detection has drawn considerable interest as researchers endeavor to produce efficient models that offer high detection accuracy. Nevertheless, the challenge remains in developing reliable and efficient Intrusion Detection System (IDS) that is capable of handling large amounts of data, with trends evolving in real-time circumstances. The design of such a system relies on the detection methods used, particularly the feature selection techniques and machine learning algorithms used. Thus motivated, this paper presents a review on feature selection and ensemble techniques used in anomaly-based IDS research. Dimensionality reduction methods are reviewed, followed by the categorization of feature selection techniques to illustrate their effectiveness on training phase and detection. Selection of the most relevant features in data has been proven to increase the efficiency of detection in terms of accuracy and computational efficiency, hence its important role in the design of an anomaly-based IDS. We then analyze and discuss a variety of IDS-based machine learning techniques with various detection models (single classifier-based or ensemble-based), to illustrate their significance and success in the intrusion detection area. Besides supervised and unsupervised learning methods in machine learning, ensemble methods combine several base models to produce one optimal predictive model and improve accuracy performance of IDS. The review consequently focuses on ensemble techniques employed in anomaly-based IDS models and illustrates how their use improves the performance of the anomaly-based IDS models. Finally, the paper laments on open issues in the area and offers research trends to be considered by researchers in designing efficient anomaly-based IDSs.

show abstract

“…[8][9][10] Therefore, it is necessary to establish a detection model that can accurately identify most of attacks, and handle large-scale data fast enough. Although the recent literatures [11][12][13] have solved these problems, they are not suitable for the detection of persistent attacks. Instead of detecting data flows individually, we subcontract data flows according to a certain rule (eg, all samples in each bag have the same source port), which can improve recall and precision of detection for persistent attacks.…”

Section: Introductionmentioning

confidence: 99%

An intrusion detection algorithm based on bag representation with ensemble support vector machine in cloud computing

Wei

Long

et al. 2020

Concurrency and Computation

View full text Add to dashboard Cite

The increase of security incidents brings a challenge to the cloud computing security. Intrusion detection technologies have been applied to protect information in cloud from being compromised, and complicated learning-based detection methods have been used to improve the performance of intrusion detection systems. Higher quality and well-formed samples are crucial to the performance of detection algorithm. Therefore, we mainly study the intrusion detection model based on data optimization processing. In this article, we establish an intrusion detection algorithm based on ensemble support vector machine with bag representation. Specifically, the sample flows are divided into bags, where the sample flows in each bag are related to each other. Each bag contains multiple related data flows that can accurately reflect intrusion behavior, especially persistent intrusion. What's more, ensemble algorithm is applied to detection model, which greatly optimizes the performance of detection algorithm. The experimental results on open access datasets show that the proposed model detects the persistent attack with 90.58% recall.

show abstract

HIDCC: A hybrid intrusion detection approach in cloud computing

Cited by 38 publications

References 23 publications

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

An Optimal NIDS for VCN Using Feature Selection and Deep Learning Technique

A Review on Feature Selection and Ensemble Techniques for Intrusion Detection System

An intrusion detection algorithm based on bag representation with ensemble support vector machine in cloud computing

Contact Info

Product

Resources

About