Sustainable Intrusion Detection with New Attack Classification in Private Clouds

Abstract

Traditional data-driven intrusion detection systems (IDSs) are typically based on the recognition of some specific features, regulations or patterns belonging to the well-defined known attacks, so they cannot separate new or unknown attacks from abnormities and may even confuse new attacks and legitimate behaviors. With the development of artificial intelligence (AI) technology, it becomes the mainstream technology to improve the detection performance of intrusion detection system. However, the available AI-driven IDSs can hardly classify different types of new attacks separated from abnormities, and they are usually not dedicated to the private cloud, edge or fog computing environments, where the update of the new attack recognition can be very different from that of the public environments. In this article, we present a novel sustainable and AI-driven intrusion detection scheme to support the classification of new attacks in the private clouds. We first adopt the convolutional neural network algorithm to recognize the known attacks, and then propose a new model of recognition and classification for unknown attacks based on network behaviors. We further propose a new approach to update the attacks recognition model for the private clouds. Finally, we provide extensive experiment results to demonstrate that our proposed scheme outperforms the previous IDSs in terms of attack detection accuracy, attack classification accuracy and updating efficiency.