Attack and intrusion detection in cloud computing using an ensemble learning approach

Abstract

The distributed and decentralized nature of cloud computing facilitates its adoption and expansion in different sectors of society such as education, government, information technology, business, and entertainment, etc. Cloud Computing provides a wide information technology landscape. Its existence in every section of society makes this computing paradigm prone to intrusions and attacks. A huge volume of data stored on cloud computing poses a high risk of security and privacy [6]. Therefore it is important to build a network intrusion detection system using an anomaly detection approach for a cloud computing network which can identify as many threats as possible with better assault identification level and less false positives. This paper discusses an effective network-based intrusion detection model utilizing an ensemble-based machine learning approach using four classifiers i.e., Boosted tree, bagged tree, subspace discriminant, and RUSBooted along with a voting scheme. The voting algorithm is incorporated into the framework to obtain a consolidated final prediction. Standard dataset and simulator namely, CICIDS 2017 and CloudSim were used for simulation and testing of the suggested model. The implementation results obtained by employing individual classifiers and combined result of all the four classifiers is compared along with comparing the proposed model with respect to existing Intrusion detection models. Results of implementation demonstrate the ability of the proposed model in the identification of intrusions in the cloud environment with a higher rate of detection and generation of minimal false alarm warnings, which suggests its dominance relative to state-of-the-art approaches. The implementation results show an accuracy of 97.24%.