Analysis of Boosting Mechanisms in Cloud-based Intrusion Detection Systems

Abstract

In modern cloud ecosystems, cloud users request service sets for software, platform, and infrastructures. Due to open channels (Internet), cloud networks become soft targets for malicious intruders. Recent literature suggests the use of Artificial Intelligence (AI)-based Intrusion Detection Systems (IDS) to prevent the exploitation of cloud servers, which eats up useful resources (software, platform, and infrastructures). Thus, secured IDS are a critical necessity of modern-day cloud servers against zero-day attacks. To improve the learning and error rate, boosting mechanisms are used with Machine Learning (ML) algorithms, which improves the predictive analysis. In the boosting process, we sequentially combine different weak classifiers to improve the performance and reduce the bias of ML algorithms. The paper explores the different boosting algorithms to support attack classification in modern IDS datasets through a comparative analysis in terms of precision, recall, and F1 score. A case study of Binary Modest AdaBoost (BMA) is presented, and the comparative analysis of error rates and running time of BMA is presented for five benchmarking IDS (KDD Cup’ 99, UNSW-B15, TRAbID, NSL-KDD, and the CICIDS2017) datasets.