An intrusion detection algorithm based on bag representation with ensemble support vector machine in cloud computing

Abstract

SummaryThe increase of security incidents brings a challenge to the cloud computing security. Intrusion detection technologies have been applied to protect information in cloud from being compromised, and complicated learning‐based detection methods have been used to improve the performance of intrusion detection systems. Higher quality and well‐formed samples are crucial to the performance of detection algorithm. Therefore, we mainly study the intrusion detection model based on data optimization processing. In this article, we establish an intrusion detection algorithm based on ensemble support vector machine with bag representation. Specifically, the sample flows are divided into bags, where the sample flows in each bag are related to each other. Each bag contains multiple related data flows that can accurately reflect intrusion behavior, especially persistent intrusion. What's more, ensemble algorithm is applied to detection model, which greatly optimizes the performance of detection algorithm. The experimental results on open access datasets show that the proposed model detects the persistent attack with 90.58% recall.