LR-HIDS: logistic regression host-based intrusion detection system for cloud environments

Cloud computing is an Internet-based computing environment in which storage and computing resources are assigned dynamically among users according to their needs, using virtualization technology. Virtualization is an underlying infrastructure of cloud computing, and it has led to certain security problems during the development of cloud computing. One essential but formidable task in cloud computing is to detect malicious attacks and their types. Due to increasing incidents of cyber-attacks, the design and implementation of effective intrusion detection systems to protect the security of information systems is crucial. In this paper, a host-based intrusion detection system (H-IDS) for protecting virtual machines in the cloud environment is proposed. To this end, first, important features of each class are selected using logistic regression, and next, these values are improved using the regularization technique. Then, various attacks are classified using a combination of three different classifiers (neural network, decision tree and linear discriminant analysis) with the bagging algorithm for each class. The proposed model has been trained and tested using the NSL-KDD data set with an implementation in the CloudSim software. Simulation results, compared to other methods, show acceptable accuracy of about 97.51 for detecting attacks against normal states.
