Deep Reinforcement Learning based Intrusion Detection System for Cloud Infrastructure

Intrusion Detection in cloud platform is a challenging problem due to its extensive usage and distributed nature that are constant targets of new and unknown attacks. Intrusion detection system (IDS) is responsible for monitoring and detecting malicious activities in any computing system or a network. However, most of the traditional cloud IDSs are vulnerable to novel attacks. Also, they are incapable of maintaining a balance between high accuracy and less false positive rate (FPR). In this paper, we propose a deep reinforcement learning-based adaptive cloud IDS architecture that addresses the above limitations and performs accurate detection and fine-grained classification of new and complex attacks. We have done extensive experimentation using the benchmark UNSW-NB15 dataset that shows better accuracy and less FPR compared to the state-of-the-art IDSs.

[1]  Peter Henderson,et al.  An Introduction to Deep Reinforcement Learning , 2018, Found. Trends Mach. Learn..

[2]  Norbik Bashah Idris,et al.  A brief introduction to intrusion detection system , 2012, ICRA 2012.

[3]  Chaouki Khammassi,et al.  A GA-LR wrapper approach for feature selection in network intrusion detection , 2017, Comput. Secur..

[4]  Richard S. Sutton,et al.  Reinforcement Learning: An Introduction , 1998, IEEE Trans. Neural Networks.

[5]  Muttukrishnan Rajarajan,et al.  A survey of intrusion detection techniques in Cloud , 2013, J. Netw. Comput. Appl..

[6]  Jill Slay,et al.  The evaluation of Network Anomaly Detection Systems: Statistical analysis of the UNSW-NB15 data set and the comparison with the KDD99 data set , 2016, Inf. Secur. J. A Glob. Perspect..

[7]  Nour Moustafa,et al.  UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set) , 2015, 2015 Military Communications and Information Systems Conference (MilCIS).

[8]  Gaël Varoquaux,et al.  Scikit-learn: Machine Learning in Python , 2011, J. Mach. Learn. Res..

[9]  Arghir-Nicolae Moldovan,et al.  Cloud-based Real-time Network Intrusion Detection Using Deep Learning , 2018, 2018 International Conference on Cyber Security and Protection of Digital Services (Cyber Security).

[10]  Yacine Bouzida,et al.  Neural networks vs . decision trees for intrusion detection , 2006 .

[11]  Roberto Blanco,et al.  Applying Cost-Sensitive Classifiers with Reinforcement Learning to IDS , 2018, IDEAL.

[12]  Daniel Kudenko,et al.  Multi-agent Reinforcement Learning for Intrusion Detection , 2007, Adaptive Agents and Multi-Agents Systems.

[13]  Saumendra Sengupta,et al.  Hybrid Intrusion Detection System Using Machine Learning Techniques in Cloud Computing Environments , 2019, 2019 IEEE 17th International Conference on Software Engineering Research, Management and Applications (SERA).