Hybrid one‐dimensional residual autoencoder and ensemble of gradient boosting for cloud IDS

Abstract

SummaryThe distributed and decentralized architecture of cloud computing is important for a number of industries, including business, government, entertainment, education, and information technology. It facilitates a wide aspect of information technology, where the computing model is vulnerable to attacks or intrusion. For detecting malicious activities, a novel intrusion detection system (IDS) is required to be developed. In this paper, an enhanced synthetic minority oversampling technique (SMOTE) with a hybrid one‐dimensional residual auto encoder and the Ensemble of Gradient Boosting (1D‐RAE‐EGB) models are proposed for cloud intrusion detection. The proposed IDS resolves the class imbalance problem through enhanced SMOTE. In addition, noise reduction is accomplished with ID‐RAE, which minimizes the data dimension. Finally, the soft voting‐based ensemble classification model is used for attack detection. The ensemble gradient boosting model comprises categorical boosting (CatBoost), extreme gradient boosting (XGBoost), and light gradient boosting machine (LightGBM). The ensemble model is fine‐tuned by reducing the number of parameters under fitting conditions since it is not compulsory to re‐adjust the weight values in a backpropagation process. The proposed IDS is implemented in Python using the NSL‐KDD dataset. The accuracy, precision, recall, f1‐score, false positive rate (FPR), false negative rate (FNR), specificity, and Kappa measure obtained for the proposed IDS are 99.98%, 99.3%, 98.5%, 99.95%, 0.723, 0.46, 99.98%, and 99.97%, respectively.