Automatic Building of a Powerful IDS for The Cloud Based on Deep Neural Network by Using a Novel Combination of Simulated Annealing Algorithm and Improved Self- Adaptive Genetic Algorithm
Main Article Content
Abstract
Article Details
References
Ravji, S., & Ali, M. (2018, August). Integrated Intrusion Detection and Prevention System with Honeypot in Cloud Computing. In 2018 International Conference on Computing, Electronics & Communications Engineering (ICCECE) (pp. 95-100). IEEE. doi: 10.1109/iCCECOME.2018.8658593.
Mell, P., & Grance, T. (2011). The NIST definition of cloud computing. http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf.
Brunette, G., Mogull, R., et al. Security guidance for critical areas of focus in cloud computing v2. 1. Cloud Secure Alliance. 2009:1–76.
Sakr, M. M., Tawfeeq, M. A., & El-Sisi, A. B. (2019). Network Intrusion Detection System based PSO-SVM for Cloud Computing. International Journal of Computer Network and Information Security, 11(3), 22-29. doi: 10.5815/ijcnis.2019.03.04.
Nathiya, T., & Suseendran, G. (2019). An Effective Hybrid Intrusion Detection System for Use in Security Monitoring in the Virtual Network Layer of Cloud Computing Technology. In Data Management, Analytics and Innovation (pp. 483-497). Springer, Singapore. doi: 10.1007/978-981-13-1274-8_36.
ORACLE and KPMG Enterprises. ORACLE and KPMG Cloud Threat Report 2020; 2020. Available from: https://www.oracle.com/a/ocom/docs/cloud/oracle-cloud-threat-report-2020.pdf. [Accessed 08 August 2021].
Khatibzadeh, L., Bornaee, Z., & Ghaemi Bafghi, A. (2019). Applying Catastrophe Theory for Network Anomaly Detection in Cloud Computing Traffic. Security and Communication Networks, 2019. doi: 10.1155/2019/5306395.
Symantec Enterprise. 2019 Internet Security Threat Report; 2019. Available from: https://www.symantec.com/content/dam/symantec/docs/reports/istr-24-2019-en.pdf. [Accessed 08 August 2021].
Netskope. 2020 Netskope Cloud and Threat Report- July 2021; 2021. Available from: https://resources.netskope.com/cloud-reports/cloud-and-threat-report-july-2021. [Accessed 08 August 2021].
Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., & Rajarajan, M. (2013). A survey of intrusion detection techniques in cloud. Journal of network and computer applications, 36(1), 42-57. doi: 10.1016/j.jnca.2012.05.003.
Gao, Y., Liu, Y., Jin, Y., Chen, J., & Wu, H. (2018). A Novel Semi-Supervised Learning Approach for Network Intrusion Detection on Cloud-Based Robotic System. IEEE Access, 6, 50927-50938. doi : 10.1109/ACCESS.2018.2868171.
Ghosh, P., Karmakar, A., Sharma, J., & Phadikar, S. (2019). CS-PSO based Intrusion Detection System in Cloud Environment. In Emerging Technologies in Data Mining and Information Security (pp. 261-269). Springer, Singapore. doi : 10.1007/978-981-13-1951-8_24.
Idhammad, M., Afdel, K., & Belouch, M. (2018). Distributed Intrusion Detection System for Cloud Environments based on Data Mining techniques. Procedia Computer Science, 127, 35-41. doi : 10.1016/j.procs.2018.01.095.
Mehibs, S. M., Hashim, S. H. (2018). Proposed Network Intrusion Detection System In Cloud Environment Based on Back Propagation Neural Network. Journal of University of Babylon for Pure and Applied Sciences, Vol. 26, No. 1, pp. 29-40.
Yassin, W., Udzir, N. I., Muda, Z., Abdullah, A., & Abdullah, M. T. (2012, June). A cloud-based intrusion detection service framework. In Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec) (pp. 213-218). IEEE. doi: 10.1109/CyberSec.2012.6246098.
Wu, S. X., & Banzhaf, W. (2010). The use of computational intelligence in intrusion detection systems: A review. Applied soft computing, 10(1), 1-35. doi: 10.1016/j.asoc.2009.06.019.
Krizhevsky, A., Sutskever, I., & Hinton, G. E. (2012). Imagenet classification with deep convolutional neural networks. In Advances in neural information processing systems (pp. 1097-1105).
Chiba, Z., Abghour, N., Moussaid, K., El Omri, A., & Rida, M. (2018). A novel architecture combined with optimal parameters for back propagation neural networks applied to anomaly network intrusion detection. Computers & Security, 75, 36-58. doi : 10.1016/j.cose.2018.01.023.
Hinton, G., Deng, L., Yu, D., Dahl, G., Mohamed, A. R., Jaitly, N., ... & Sainath, T. (2012). Deep neural networks for acoustic modeling in speech recognition. IEEE Signal processing magazine, 29. doi: 10.1109/MSP.2012.2205597.
Jacobson, L., Kanbe, B. (2015). Genetic algorithms in Java basics. Apress, New York, USA.
Kim, D. E., & Gofman, M. (2018, January). Comparison of shallow and deep neural networks for network intrusion
detection. In 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC) (pp. 204-208). IEEE. doi: 10.1109/CCWC.2018.8301755.
Woo, J. H., Song, J. Y., & Choi, Y. J. (2019, February). Performance Enhancement of Deep Neural Network Using
Feature Selection and Preprocessing for Intrusion Detection. In 2019 International Conference on Artificial Intelligence in Information and Communication (ICAIIC) (pp. 415-417). IEEE. doi: 10.1109/ICAIIC.2019.8668995.
Sheela, K. G., & Deepa, S. N. (2013). Review on methods to fix number of hidden neurons in neural networks. Mathematical Problems in Engineering, 2013. doi: 10.1155/2013/425740.
Zhang, Z., Zhang, G., Shen, Y., & Zhu, Y. (2019, July). Intrusion Detection Model Based on GA Dimension Reduction and MEA-Elman Neural Network. In International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (pp. 354-365). Springer, Cham. doi: 10.1007/978-3-319-93554-6_33.
Ghanshala, K. K., Mishra, P., Joshi, R. C., & Sharma, S. (2018, December). BNID: A Behavior-based Network Intrusion Detection at Network-Layer in Cloud Environment. In 2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC) (pp. 100-105). IEEE. doi: 10.1109/ICSCCC.2018.8703265.
Shyla, S. I., & Sujatha, S. S. (2019). Cloud Security: LKM and Optimal Fuzzy System for Intrusion Detection in Cloud Environment. Journal of Intelligent Systems, 29(1), 1626-1642. doi: 10.1515/jisys-2018-0479.
Ibrahim, N. M., & Zainal, A. (2020). A Distributed Intrusion Detection Scheme for Cloud Computing. International
Journal of Distributed Systems and Technologies (IJDST), 11(1), 68-82. doi: 10.4018/IJDST.2020010106.
Rabbani, M., Wang, Y. L., Khoshkangini, R., Jelodar, H., Zhao, R., & Hu, P. (2020). A hybrid machine learning approach for malicious behaviour detection and recognition in cloud computing. Journal of Network and Computer
Applications, 151, 102507. doi: 10.1016/j.jnca.2019.102507.
Neha, N., Raman, M. G., Somu, N., Senthilnathan, R., & Sriram, V. S. (2020). An Improved Feedforward Neural Network Using Salp Swarm Optimization Technique for the Design of Intrusion Detection System for Computer Network. In Computational Intelligence in Pattern Recognition (pp. 867-875). Springer, Singapore. doi: 10.1007/978-981-13-9042-5_74.
Krishnaveni, S., Vigneshwar, P., Kishore, S., Jothi, B., & Sivamohan, S. (2020). Anomaly-Based Intrusion Detection
System Using Support Vector Machine. In Artificial Intelligence and Evolutionary Computations in Engineering Systems (pp. 723-731). Springer, Singapore. doi: 10.1007/978-981-15-0199-9_62.
Abirami, M. S., Yash, U., & Singh, S. (2020). Building an Ensemble Learning Based Algorithm for Improving Intrusion Detection System. In Artificial Intelligence and Evolutionary Computations in Engineering Systems (pp. 635-649). Springer, Singapore. doi: 10.1007/978-981-15-0199-9_55.
Thilagam, T., & Aruna, R. (2021). Intrusion detection for network based cloud computing by custom RC-NN and optimization. ICT Express. doi :10.1016/j.icte.2021.04.006
Sobin Soniya, S., & Maria Celestin Vigila, S. (2021). Feedback deer hunting optimization algorithm for intrusion detection in cloud based deep residual network. International Journal of Modeling, Simulation, and Scientific Computing, 2150047. doi :10.1142/S1793962321500471.
Sayed, S., Nassef, M., Badr, A., & Farag, I. (2019). A Nested Genetic Algorithm for feature selection in high-dimensional cancer Microarray datasets. Expert Systems with Applications, 121, 233-243. doi: 10.1016/j.eswa.2018.12.022.
Pereira, R., & Aelenei, L. (2019). Optimization assessment of the energy performance of a BIPV/T-PCM system using Genetic Algorithms. Renewable Energy, 137, 157-166. doi: 10.1016/j.renene.2018.06.118.
Kendall, G., AI methods simulated annealing, Nottingham University. Available from: http://www.cs.nott.ac.uk/~pszgxk/aim/notes/simulatedannealing.doc. [Accessed 08 August 2021].
Rere, L. R., Fanany, M. I., & Arymurthy, A. M. (2015). Simulated annealing algorithm for deep learning. Procedia Computer Science, 72, 137-144. doi: 10.1016/j.procs.2015.12.114.
Du, K. L., & Swamy, M. N. S. (2016). Search and optimization by metaheuristics. Techniques and Algorithms Inspired by Nature; Birkhauser: Basel, Switzerland.
Metropolis, N., Rosenbluth, A. W., Rosenbluth, M. N., Teller, A. H., & Teller, E. (1953). Equation of state calculations by fast computing machines. The journal of chemical physics, 21(6), 1087-1092. doi: 10.1063/1.1699114.
Kirkpatrick, S., Gelatt, C. D., & Vecchi, M. P. (1983). Optimization by simulated annealing. science, 220(4598), 671-680.
Suman, B., & Kumar, P. (2006). A survey of simulated annealing as a tool for single and multiobjective optimization. Journal of the operational research society, 57(10), 1143-1160. doi: 10.1057/palgrave.jors.2602068.
Nourani, Y., & Andresen, B. (1998). A comparison of simulated annealing cooling strategies. Journal of Physics A: Mathematical and General, 31(41), 8373-8385. doi: 10.1088/0305-4470/31/41/011.
Lokeswari, N., & Rao, B. C. (2016). Artificial Neural Network Classifier for Intrusion Detection System in Computer Network. In Proceedings of the Second International Conference on Computer and Communication Technologies (pp. 581-591). Springer, New Delhi. doi : 10.1007/978-81-322-2526-3_60.
Tama, B.A, Rhee, K. (2017) .Attack Classification Analysis of IoT Network via Deep Learning Approach. Research Briefs on Information & Communication Technology Evolution (ReBICTE), 3, 1-9.
Song, J., Takakura, H., Okabe, Y., Eto, M., Inoue, D., & Nakao, K. (2011, April). Statistical analysis of honeypot data and building of Kyoto 2006+ dataset for NIDS evaluation. In Proceedings of the First Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (pp. 29-36). ACM. doi: 10.1145/1978672.1978676.
Musbau, D.A, Alhassan, J.K, (2018) .Ensemble Learning Approach for the Enhancement of Performance of Intrusion Detection System. International Conference on Information and Communication Technology and its Applications (ICTA 2018) (pp. 1-8), Minna, Nigeria.
Singh, D., Patel, D., Borisaniya, B., & Modi, C. (2016). Collaborative ids framework for cloud. International Journal of Network Security, 18(4), 699-709.
Wang, W., Zhang, X., Gombault, S., & Knapskog, S. J. (2009, December). Attribute normalization in network intrusion detection. In Pervasive systems, algorithms, and networks (ISPAN), 2009 10th international symposium on (pp. 448-453). IEEE. doi: 10.1109/I-SPAN.2009.49.
Kumar, S., & Yadav, A. (2014, May). Increasing performance of intrusion detection system using neural network. In Advanced Communication Control and Computing Technologies (ICACCCT), 2014 International Conference on (pp. 546-550). IEEE. doi: 10.1109/ICACCCT.2014.7019145.
Sen, R., Chattopadhyay, M., & Sen, N. (2015, June). An efficient approach to develop an intrusion detection system based on multi layer backpropagation neural network algorithm: Ids using bpnn algorithm. In Proceedings of the 2015 ACM SIGMIS Conference on Computers and People Research (pp. 105-108). ACM. doi: 10.1145/2751957.2751979.
Gaidhane, R., Vaidya, C., & Raghuwanshi, M. (2014). Intrusion detection and attack classification using Back-propagation Neural Network. International Journal of Engineering Research and Technology, 3(3), 1112-1115.
Song, J., Takakura, H., & Okabe, Y. (2006). Description of kyoto university benchmark data. Available at link: http://www. takakura. com/Kyoto_data/BenchmarkData-Description-v5. pdf. [Accessed 08 August 2021]
Jabbar, M. A., & Aluvalu, R. (2017). RFAODE: A novel ensemble intrusion detection system. Procedia computer science, 115, 226-234. doi: 10.1016/j.procs.2017.09.129.
Protić, D. D. (2018). Review of KDD Cup'99, NSL-KDD and Kyoto 2006+ datasets. Vojnotehnički glasnik, 66(3), 580-596. Doi: doi:10.5937/vojtehg66-16670.
Sokolova, M., & Lapalme, G. (2009). A systematic analysis of performance measures for classification tasks. Information processing & management, 45(4), 427-437. doi: 10.1016/j.ipm.2009.03.002.
Chiba, Z., Abghour, N., Moussaid, K., & Rida, M. (2016). A cooperative and hybrid network intrusion detection framework in cloud computing based on snort and optimized back propagation neural network. Procedia Computer Science, 83, 1200-1206. doi: 10.1016/j.procs.2016.04.249.
Modi, C. N., Patel, D. R., Patel, A., & Muttukrishnan, R. (2012, July). Bayesian Classifier and Snort based network intrusion detection system in cloud computing. In Computing Communication & Networking Technologies (ICCCNT), 2012 Third International
Conference on (pp. 1-7). IEEE. doi: 10.1109/ICCCNT.2012.6396086.
Abouabdalla, O., El-Taj, H., Manasrah, A., & Ramadass, S. (2009, October). False positive reduction in intrusion detection system: A survey. In 2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology (pp. 463-466). IEEE. doi: 10.1109/ICBNMT.2009.5348536.
Ali, U., Dewangan, K. K., & Dewangan, D. K. (2018). Distributed Denial of Service Attack Detection Using Ant Bee Colony and Artificial Neural Network in Cloud Computing. In Nature Inspired Computing (pp. 165-175). Springer, Singapore. doi: 10.1007/978-981-10-6747-1_19.
Kyoto 2006+ dataset. Available from: http://www.takakura.com/Kyoto_data. [Accessed 08 August 2021].
CIDDS-001 dataset. Available: https://www.hs-coburg.de/forschung-kooperation/forschungsprojekte-oeffentlich/ingenieurwissenschaften/cidds-coburg-intrusion-detection-data-sets.html. [Accessed 08 August 2021].
Ring, M., Wunderlich, S., Grüdl, D., Landes, D., & Hotho, A. (2017, June). Flow-based benchmark data sets for intrusion detection. In Proceedings of the 16th European Conference on Cyber Warfare and Security. ACPI (pp. 361-369).
Zhang, Y., Chen, X., Jin, L., Wang, X., & Guo, D. (2019). Network Intrusion Detection: Based on Deep Hierarchical Network and Original Flow Data. IEEE Access, 7, 37004-37016. doi: 10.1109/ACCESS.2019.2905041.
Hatef, M. A., Shaker, V., Jabbarpour, M. R., Jung, J., & Zarrabi, H. (2018). HIDCC: A hybrid intrusion detection approach in cloud computing. Concurrency and Computation: Practice and Experience, 30(3), e4171-e7180. doi: 10.1002/cpe.4171
Chung, S., & Kim, K. (2015). A Heuristic Approach to Enhance the performance of Intrusion Detection System using Machine Learning Algorithms. In Proceedings of the Korea Institutes of Information Security and Cryptology Conference (CISC-W’15).
Javaid, A., Niyaz, Q., Sun, W., & Alam, M. (2016, May). A deep learning approach for network intrusion detection system. In Proceedings of the 9th EAI International Conference on Bio-inspired Information and Communications Technologies (formerly BIONETICS) (pp. 21-26). ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering).doi: 10.4108/eai.3-12-2015.2262516.
Gurung, S., Ghose, M. K., & Subedi, A. (2019). Deep Learning Approach on Network Intrusion Detection System using NSL-KDD Dataset. International Journal of Computer Network and Information Security (IJCNIS), 11(3), 8-14. doi: 10.5815/ijcnis.2019.03.02.
Goodfellow, I., Bengio, Y., & Courville, A. (2016). Deep learning. MIT press.
Demuth, H. B., Beale, M. H., De Jess, O., & Hagan, M. T. (2014). Neural network design. Martin Hagan.
Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A deep learning approach for intrusion detection using recurrent neural networks. Ieee Access, 5, 21954-21961. doi: 10.1109/ACCESS.2017.2762418.
Shone, N., Ngoc, T. N., Phai, V. D., & Shi, Q. (2018). A deep learning approach to network intrusion detection. IEEE Transactions on Emerging Topics in Computational Intelligence, 2(1), 41-50. doi: 10.1109/TETCI.2017.2772792.
Al-Qatf, M., Lasheng, Y., Al-Habib, M., & Al-Sabahi, K. (2018). Deep Learning Approach Combining Sparse Autoencoder With SVM for Network Intrusion Detection. IEEE Access, 6, 52843-52856. doi: 10.1109/ACCESS.2018.2869577.
Ma, T., Yu, Y., Wang, F., Zhang, Q., & Chen, X. (2016, July). A hybrid methodologies for intrusion detection based deep neural network with support vector machine and clustering technique. In International Conference on Frontier Computing (pp. 123-134). Springer, Singapore. doi: 10.1007/978-981-10-3187-8_13.
Yang, Y., Zheng, K., Wu, C., & Yang, Y. (2019). Improving the Classification Effectiveness of Intrusion Detection by Using Improved Conditional Variational AutoEncoder and Deep Neural Network. Sensors, 19(11), 2528. Doi: 10.3390/s19112528.
Mehmood, Y., Shibli, M. A., Kanwal, A., & Masood, R. (2015, December). Distributed intrusion detection system using mobile agents in cloud computing environment. In 2015 Conference on Information Assurance and Cyber Security (CIACS) (pp. 1-8). IEEE. doi: 10.1109/CIACS.2015.7395559.
Singh, R., Kumar, H., & Singla, R. K. (2015). An intrusion detection system using network traffic profiling and online sequential extreme learning machine. Expert Systems with Applications, 42(22), 8609-8624. doi: 10.1016/j.eswa.2015.07.015.
Ghosh, P., Jha, S., Dutta, R., & Phadikar, S. (2016, July). Intrusion detection system based on BCS-GA in cloud environment. In International Conference on Emerging Research in Computing, Information, Communication and Applications (pp. 393-403). Springer, Singapore. doi: 10.1007/978-981-10-4741-1_35.
Aminanto, M. E., Kim, H., Kim, K. M., & Kim, K. (2017). Another fuzzy anomaly detection system based on ant clustering algorithm. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, 100(1), 176-183.doi: 10.1587/transfun.E100.A.176.
Pajouh, H. H., Dastghaibyfard, G., & Hashemi, S. (2017). Two-tier network anomaly detection model: a machine learning approach. Journal of Intelligent Information Systems, 48(1), 61-74. doi: 10.1007/s10844-015-0388-x.
Mehibs, S. M., & Hashim, S. H. (2018). Proposed network intrusion detection system based on fuzzy c mean algorithm in cloud computing environment. Journal of University of Babylon, 26(2), 27-35.
Hamamoto, A. H., Carvalho, L. F., Sampaio, L. D. H., Abrão, T., & Proença Jr, M. L. (2018). Network anomaly detection system using genetic algorithm and fuzzy logic. Expert Systems with Applications, 92, 390-402. doi: 10.1016/j.eswa.2017.09.013.
Sharma, R., & Chaurasia, S. (2018). An enhanced approach to fuzzy C-means clustering for anomaly detection. In Proceedings of First International Conference on Smart System, Innovations and Computing (pp. 623-636). Springer, Singapore. doi: 10.1007/978-981-10-5828-8_60.
Borah, S., Panigrahi, R., & Chakraborty, A. (2018). An enhanced intrusion detection system based on clustering. In Progress in Advanced Computing and Intelligent Engineering (pp. 37-45). Springer, Singapore. doi: 10.1007/978-981-10-6875-1_5.
Achbarou, O., El Kiram, M. A., Bourkoukou, O., & Elbouanani, S. (2018). A New Distributed Intrusion Detection System Based on Multi-Agent System for Cloud Environment. International Journal of Communication Networks and Information Security, 10(3), 526-533.