Abstract

Attacks on cloud computing (CC) services and infrastructure have raised concerns about the efficacy of data protection mechanisms in this environment. The framework developed in this study (CCAID: cloud computing, attack, and intrusion detection) aims to improve the performance of intrusion detection systems (IDS) operating in CC environments. It deploys a proposed new hybrid ensemble feature selection (FS) method. The ensemble includes FS algorithms of three different types (filter, wrapper, and embedded algorithms). The selected features are used to train the ML (machine learning) models of the intrusion detection component, which comprises a binary detection engine for the identification of malicious/attack packets and a multiclassification detection engine for the identification of the type of attack. Both detection engines deploy ensemble classifiers. Experiments were carried out using the NSL KDD dataset. The binary model achieved a classification accuracy of 99.55% with a very low false alarm rate of 0.45%. The classification accuracy of the multiclassification model was also high (98.92%). These results compare very favourably with the results reported in the literature and indicate the feasibility of the framework implementation.

Highlights

  • Cloud computing (CC) technology provides users with new and potentially easier ways to access, store, and maintain their data [1]

  • We used the scikit-learn and Anaconda machine learning (ML) libraries for the building of the ML models on an Intel(R) Core(TM) i7-8700 CPU @3.20 GHz machine (16 GB RAM, 500 GB HD). The binary detection engine is a binary classifier that applies an ensemble voting approach. The ensemble comprises three ML algorithms (Decision Tree, Random Forest, and K-Nearest Neighbours). The multiclass detection engine applies an ensemble bagging classifier with Random Forest as the base estimator. The ensemble methods for the detection engines were selected experimentally based on their performance.

  • The proposed feature selection (FS) method was tested on the NSL KDD dataset. The binary detection engine and the multiclass detection engine were trained independently on the same dataset using the set of features selected by the hybrid ensemble feature selection method (HEFSM). The experimental results showed improved performance and stability.
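The two detection engines described in the highlights can be sketched in scikit-learn as follows. This is an added example, not the authors' code: the data is constructed with `make_classification` rather than taken from NSL KDD, and the hyperparameters, the hard-voting choice, the five-class setup and the FP / (FP + TN) definition of false alarm rate are all assumptions.

```python
# Added illustration: synthetic stand-in data; hyperparameters are assumptions.
from sklearn.datasets import make_classification
from sklearn.ensemble import BaggingClassifier, RandomForestClassifier, VotingClassifier
from sklearn.metrics import accuracy_score, confusion_matrix
from sklearn.model_selection import train_test_split
from sklearn.neighbors import KNeighborsClassifier
from sklearn.tree import DecisionTreeClassifier


def make_split(n_classes):
    """Constructed data: 20 numeric columns standing in for the selected features."""
    X, y = make_classification(n_samples=1500, n_features=20, n_informative=6,
                               n_classes=n_classes, n_clusters_per_class=1,
                               class_sep=2.0, random_state=0)
    return train_test_split(X, y, test_size=0.3, stratify=y, random_state=0)


def binary_engine():
    """Voting ensemble of Decision Tree, Random Forest and K-Nearest Neighbours."""
    return VotingClassifier(
        estimators=[("dt", DecisionTreeClassifier(random_state=0)),
                    ("rf", RandomForestClassifier(n_estimators=25, random_state=0)),
                    ("knn", KNeighborsClassifier(n_neighbors=5))],
        voting="hard")  # assumption: majority vote; the page does not say hard or soft


def multiclass_engine():
    """Bagging ensemble with Random Forest as the base estimator."""
    base = RandomForestClassifier(n_estimators=25, random_state=0)
    return BaggingClassifier(base, n_estimators=5, random_state=0)


def evaluate_binary():
    X_tr, X_te, y_tr, y_te = make_split(n_classes=2)  # 0 = normal, 1 = attack
    pred = binary_engine().fit(X_tr, y_tr).predict(X_te)
    tn, fp, fn, tp = confusion_matrix(y_te, pred, labels=[0, 1]).ravel()
    false_alarm_rate = fp / (fp + tn)  # share of normal traffic flagged as attack
    return accuracy_score(y_te, pred), false_alarm_rate


def evaluate_multiclass():
    X_tr, X_te, y_tr, y_te = make_split(n_classes=5)  # constructed class labels
    pred = multiclass_engine().fit(X_tr, y_tr).predict(X_te)
    return accuracy_score(y_te, pred)


if __name__ == "__main__":
    acc, far = evaluate_binary()
    print(f"binary: accuracy={acc:.4f} false-alarm rate={far:.4f}")
    print(f"multiclass: accuracy={evaluate_multiclass():.4f}")
```

Reporting the false alarm rate next to accuracy matters for an IDS because a model can score high accuracy on imbalanced traffic while still flooding analysts with alerts on benign packets.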


Summary

Introduction

Cloud computing (CC) technology provides users with new and potentially easier ways to access, store, and maintain their data [1]. Li et al. [3] proposed a nonlinear optimization model for cloud resource allocation that aims to ensure the operation of an IoT system by maximizing the cost-performance ratio for devices used to access resources in the CC environment. Cyberattacks on cloud resources and services can have a negative impact on the performance of the CC infrastructure and jeopardise meeting the QoS requirements. As cyberattacks are becoming increasingly sophisticated, it is important to develop means of preventing or thwarting such attacks and to ensure the security of the data stored and processed in CC environments [5, 6].
