An Efficient Network IDS for Cloud Environments Based on a Combination of Deep Learning and an Optimized Self-adaptive Heuristic Search Algorithm

Nowadays, Cloud Computing (CC) is one of the fastest emerging core technologies in the current information era. It is leading a new revolution on the ways of data storage and calculation. CC remains gaining traction among organizations thanks to its appealing features like pay-per-use model for billing customers, elasticity, ubiquity, scalability and availability of resources for businesses. Hence, many organizations are moving their workloads or processes to cloud due to its inherent advantages. Nevertheless, several security issues arise with the transition to this computing paradigm including intrusion detection. Attackers and intruders developed new sophisticated tools defeating traditional Intrusion Detection Systems (IDS) by huge amount of network traffic data and dynamic behaviors. The existing Cloud IDSs suffer from low detection accuracy and high false positive rate. To overcome this issue, we propose a smart approach using a self-adaptive heuristic search algorithm called “Improved Self-Adaptive Genetic Algorithm” (ISAGA) to build automatically a Deep Neural Network (DNN) based Anomaly Network Intrusion Detection System (ANIDS). ISAGA is a variant of standard Genetic Algorithm (GA), which is developed based on GA improved through an Adaptive Mutation Algorithm (AMA) and optimization strategies. The optimization strategies carried out are Parallel Processing and Fitness Value Hashing that reduce execution time, convergence time and save processing power. Our approach consists of using ISAGA with the goal of searching the optimal or near optimal combination of most relevant values of the parameters included in construction of DNN based IDS or impacting its performance, like feature selection, data normalization, architecture of DNN, activation function, learning rate and Momentum term, which ensure high detection rate, high accuracy and low false alarm rate. CloudSim 4.0 simulator platform and CICIDS2017 dataset were used for simulation and validation of the proposed system. The implementation results obtained have demonstrated the ability of our ANIDS to detect intrusions with high detection accuracy and low false alarm rate, and have indicated its superiority in comparison with state-of-the-art methods.

[1]  Yasir Mehmood,et al.  Distributed intrusion detection system using mobile agents in cloud computing environment , 2015, 2015 Conference on Information Assurance and Cyber Security (CIACS).

[2]  Hamid Mirvaziri,et al.  Attacks and Intrusion Detection in Cloud Computing Using Neural Networks and Particle Swarm Optimization Algorithms , 2018 .

[3]  Soukaena Hassan Hashim,et al.  Proposed Network Intrusion Detection System In Cloud Environment Based on Back Propagation Neural Network , 2017 .

[4]  Ahmed Ahmim,et al.  A Novel Hierarchical Intrusion Detection System Based on Decision Tree and Rules-Based Models , 2018, 2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS).

[5]  Ali A. Ghorbani,et al.  An Evaluation Framework for Intrusion Detection Dataset , 2016, 2016 International Conference on Information Science and Security (ICISS).

[6]  K. Alhassan John,et al.  ENSEMBLE LEARNING APPROACH FOR THE ENHANCEMENT OF PERFORMANCE OF INTRUSION DETECTION SYSTEM , 2019, i-manager's Journal on Information Technology.

[7]  Karim Afdel,et al.  Distributed Intrusion Detection System for Cloud Environments based on Data Mining techniques , 2018 .

[8]  Nima Jafari Navimipour,et al.  Intrusion detection for cloud computing using neural networks and artificial bee colony optimization algorithm , 2019, ICT Express.

[9]  Lee Jacobson,et al.  Genetic Algorithms in Java Basics , 2015, Apress.

[10]  P. Herbert Raj,et al.  Exploring Data Security Issues and Solutions in Cloud Computing , 2018 .

[11]  Jyotsna Sengupta,et al.  WLI-FCM and Artificial Neural Network Based Cloud Intrusion Detection System , 2018 .

[12]  Mohamed Rida,et al.  A novel architecture combined with optimal parameters for back propagation neural networks applied to anomaly network intrusion detection , 2018, Comput. Secur..

[13]  Partha Ghosh,et al.  Intrusion Detection System Based on BCS-GA in Cloud Environment , 2016 .

[14]  Taufik Abrão,et al.  Network Anomaly Detection System using Genetic Algorithm and Fuzzy Logic , 2018, Expert Syst. Appl..

[15]  Mohammad Javad Golkar,et al.  A hybrid method consisting of GA and SVM for intrusion detection system , 2016, Neural Computing and Applications.

[16]  Lei Chen,et al.  Intrusion detection and security calculation in industrial cloud storage based on an improved dynamic immune algorithm , 2019, Inf. Sci..

[17]  Geoffrey E. Hinton,et al.  ImageNet classification with deep convolutional neural networks , 2012, Commun. ACM.