Incident Detection over Unified Threat Management Platform on a Cloud Network

Artificial Intelligence (AI) techniques provide many intelligent methods for security solutions in various domains such as finance, networking, cloud computing, health records and individuals' identity. AI enables security mechanisms like antivirus, firewalls, intrusion detection systems (IDS) and cryptography by using machine learning methods and data analysis techniques. As modern AI techniques help improve security systems, criminal activities are also becoming more advanced at the same time. Machine learning methods along with data analysis tools have become popular for protecting security systems from threats and hacking activities. This work contributes to securing cloud networks and helping them prevent malicious attacks. In this paper, bidirectional long short-term memory (BLSTM) is used to detect incidents over a unified threat management (UTM) platform operated on a cloud network. Results are compared with K-nearest neighbor (KNN), which is a baseline technique. Time series input samples recorded over the UTM platform are used for training and testing purposes. We obtain an accuracy score of 98.47% with 0.0186 mean squared error (MSE) using KNN, while BLSTM provides a 98.6% accuracy score with 0.002 loss, which is better than KNN.
