A deep learning model based anomalous behavior detection for supporting verifiable access control scheme in cloud servers

Abstract

Due to the growth of Big Data (BD) storage and access in cloud computing infrastructure, the detection of anomalies for Cloud Servers (CSs) is essential to ensure data confidentiality. Over the past decades, different security systems have been designed based on various methods like encryption, Access Policy (AP) control schemes, signcryption and so on. Among many security systems, a new Improved NTRU (INTRU) decryption based on the AP strategy has been suggested to secure the BD processed by the CSs. Also, the shared secret data was authenticated to defend the clients from anomalies in the cloud. But, the AP upgrade must not degrade the confidentiality of storing information, reveal trust in the CS or cause any different security challenges. It is not considered that such security challenges occur when the data owner shares its data with many CSs. Hence in this article, an INTRU with Detecting Anomalous in CS (INTRU-DACS) system is proposed that employs a deep learning-based Anomaly Detection System (ADS) to handle and secure the BD stored in the CSs. The main goal of this method is to effectively identify the abnormalities in the real world by the conduct utilization, i.e., the System Call Identifier Sequences (SCISs) created from CSs in which these conducts are associated with BD. Initially, effective data summarization is constructed via different feature states to analyze the SCISs of specific durations. After that, an anomaly identification algorithm is proposed to train and test the streaming of raw SC sequences. This observable SCs execution task of CSs is gathered from log files. The variations of such SCISs having a specified duration are random for usual and unusual sequences. So, the fact of current normal and abnormal services is recognized regarding their SCISs. Such normal and abnormal behavioral states are learned from Convolutional Neural Network-Hidden Markov Model (CNNHMM) classifier to identify the anomalies in CSs. But, it is still a challenging process because of the patterns of usual and unusual events. The performance is not effective since it models only the conduct of a huge number of SCISs created from a single CS. As a result, a Secure Access Control Scheme with DACS (SACS-DACS) system is proposed in which a Multidimensional Feature Misbehavior Server Detection method (MFMSD) is introduced for detecting anomalies in multiple CSs. In this method, large-scale SCISs of multiple CSs are extracted, including different features such as network traffic sequence features, CPU energy usage and memory usage from host logs. These extracted multidimensional features are fed to the CNNHMM that identifies the anomalies and maximizes the detection accuracy. At last, the simulation results demonstrate the effectiveness of the SACS-DACS and INTRU-DACS as compared to the INTRU.