Machine Learning-Enhanced IDS: RFE-LSTM-Based Model for Cloud Security

© 2024 by IJCTT Journal
Volume-72 Issue-4
Year of Publication : 2024
Authors : Karthik Rajashekaran, Rafaqat Kazmi, Rahul Jain
DOI :  10.14445/22312803/IJCTT-V72I4P101

How to Cite?

Karthik Rajashekaran, Rafaqat Kazmi, Rahul Jain, "Machine Learning-Enhanced IDS: RFE-LSTM-Based Model for Cloud Security," International Journal of Computer Trends and Technology, vol. 72, no. 4, pp. 1-14, 2024. Crossref, https://doi.org/10.14445/22312803/IJCTT-V72I4P101

Abstract
Cloud computing has a huge impact on information science due to its services as infrastructure, software, and platforms. The widespread use of cloud computing presents challenges such as security, privacy, and trust. The main threat is the susceptibility of cloud infrastructure to various attacks, including address resolution protocol, IP spoofing, and denial of service. Classical intrusion detection techniques are insufficient to mitigate these new threats. The research proposes the REF-LSTM-IDS model, a novel technique that combines Recursive Feature Elimination (RFE) for optimised feature selection with a Long Short-Term Memory (LSTM) network used to recognise dynamic threat patterns. The proposed model's performance was assessed on the NSL-KDD and BoT-IoT datasets for feature selection reduction capability, and it was found that the model performs reasonably well on the evaluation criteria of accuracy and precision. The model achieved accuracies of 91.50% and 92.21% on the datasets provided. The precision measure performance was 47.54%, and the recall measure was 82.31% for the datasets provided for the Matthews Correlation Coefficient (MCC) across the whole dataset. The proposed model improves cloud security and provides new insights for integrating IDS models with machine learning capabilities. The integrated models reduce emerging security threats with embedded intelligence.

Keywords
Cloud computing, Data engineering, Intrusion detection, Machine learning.
