Objectives: The objective of this study is to explore Intrusion Detection Systems and their various types by gathering research from previously published articles in refereed journals. The focus is on developing a proposed model capable of identifying unknown attacks in cloud networks using Signature and Anomaly-based Intrusion Detection Systems. Subsequently, the efficiency of the proposed model will be assessed, and a comparison with existing models will be conducted. The paper's main objective is to identify unknown attacks in a cloud network using a combination of signature and anomaly-based intrusion detection systems in an artificial intelligence-based multi-layered approach.
Methods: Leveraging insights from existing literature, the proposed model combines signature-based IDS for known threat detection and anomaly-based IDS for detecting unusual behavioral patterns indicative of new or unseen attacks. Experimental evaluations using NSL-KDD and ADFA datasets demonstrate competitive accuracy and detection rates, with the proposed artificial intelligence-based Hybrid IDS achieving high performance in detecting both normal and malicious activities.
Findings: This model produces above 90%, 96%, and 98% efficiency in the wired, wireless, and cloud networks respectively, and it finds known attacks effectively while using parameters like event logs, file transferring time, TCP and UDP addresses, CPU usage, weak and synthetic data, and IP and MAC addresses. According to the existing literature, existing models using the Hybrid Intrusion Detection model can identify unknown attacks with a maximum of 80%, 92%, and 96% accuracy respectively. The findings suggest that the artificial intelligence-based multi-layered approach offers a promising solution for enhancing cloud network security, with the potential for further optimization and integration of advanced technologies in future research endeavors.
Novelty: This study presents an artificial intelligence-based multi-layered approach for detecting unknown attacks in cloud networks by integrating signature-based and anomaly-based intrusion detection systems (IDS). The authors developed the model to detect intrusions by using the Behaviour Profiling algorithm and to dynamically protect the data from intrusion by using the Statistical approach model. Because the authors are trying to find unknown attacks, they defined the objective of this paper as finding unknown attacks in cloud networks by using the combination of signature and anomaly-based intrusion detection systems. The objective is to develop a model capable of effectively identifying cyber threats in cloud environments. The existing models do not concentrate on identifying unknown attacks by using Signature-based Intrusion Detection. Very few works in the literature state that known attacks can be identified easily by using Signature-based Intrusion Detection but that identifying unknown attacks is hard. Some of the literature states that using the Hybrid Intrusion Detection model can identify unknown attacks with a maximum of 80%, 92%, and 96% accuracy respectively. The current paper identifies unknown attacks in the cloud network using a combination of signature and anomaly-based intrusion detection systems in an artificial intelligence-based multi-layered approach, and it produced above 97% accuracy. The unique feature of the model is that an artificial intelligence-based multi-layered approach and a dynamic key have been utilized to avoid malicious activities in the network.
Keywords: Anomaly based IDS, Cloud Network Security, Hybrid IDS, Multi-Layer Approach, Signature based IDS