An Efficient Automatic Intrusion Detection in Cloud Using Optimized Fuzzy Inference System


S. Immaculate Shyla (Department of Computer Science, S.T. Hindu College, Nagercoil Manonmaniam Sundaranar University, Nagercoil, India) and S.S. Sujatha (Department of Computer Science and Application, S.T. Hindu College, Nagercoil Manonmaniam Sundaranar University, Nagercoil, India)
Copyright: © 2020 | Pages: 20
DOI: 10.4018/IJISP.2020100102

Abstract

Security incidents such as denial of service (DoS), scanning, malware code injection, viruses, worms, and password cracking are becoming common in cloud environments; they affect companies and may produce a financial loss if not detected in time. Such problems are handled by introducing an intrusion detection system (IDS) into the cloud. Existing cloud IDSs suffer from low detection accuracy and from high false detection rate and execution time. To overcome this problem, this article develops a gravitational search algorithm-based fuzzy inference system (GSA-FIS) for intrusion detection. In this approach, fuzzy parameters are optimized using GSA. The proposed system consists of two modules, namely possibilistic fuzzy c-means (PFCM) based clustering, training based on the GSA-FIS, and a testing process. Initially, the incoming data is pre-processed and clustered with the help of PFCM. PFCM detects the noise of fuzzy c-means clustering (FCM), overcomes the coincident cluster problem of possibilistic fuzzy c-means (PCM), and eradicates the row sum constraints of fuzzy possibilistic c-means clustering (FPCM). After the clustering process, the clustered data is given to the optimized fuzzy inference system (OFIS). Here, normal and abnormal data are identified by the fuzzy score, while the training is done by the GSA through optimizing the entire fuzzy system. In this approach, four types of abnormal data are detected, namely probe, remote to local (R2L), user to root (U2R), and DoS. Simulation results show that the proposed GSA-FIS based IDS outperforms the different schemes in terms of precision, recall and F-measure.
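How PFCM separates a noise record from normal traffic, as an added Python example that is not code from the article: the update rules are the standard PFCM formulation (Pal et al., 2005), and the sample records, the parameters a, b, m, eta and the gamma estimate are assumptions made here.

```python
# Constructed, scaled 2-D connection features (e.g. duration, bytes); not from the paper.
NORMAL_A = [(1.0, 1.0), (1.2, 0.9), (0.8, 1.1), (1.1, 1.2)]
NORMAL_B = [(5.0, 5.0), (5.1, 4.8), (4.9, 5.2), (4.8, 4.9)]
NOISE = (-4.0, 10.0)  # equally far from both groups
POINTS = NORMAL_A + NORMAL_B + [NOISE]

def dist2(p, v):
    return sum((x - y) ** 2 for x, y in zip(p, v)) + 1e-12

def memberships(points, centers, m):
    # FCM membership u[i][k]; for each point k the values sum to 1 over clusters,
    # so even a noise point is forced to "belong" somewhere.
    return [[1.0 / sum((dist2(p, v) / dist2(p, w)) ** (1.0 / (m - 1)) for w in centers)
             for p in points] for v in centers]

def typicalities(points, centers, gamma, b, eta):
    # Possibilistic typicality t[i][k]; not normalised over clusters or over points
    # (no FPCM-style row-sum constraint), so a far-away point scores low everywhere.
    return [[1.0 / (1.0 + (b * dist2(p, v) / g) ** (1.0 / (eta - 1))) for p in points]
            for v, g in zip(centers, gamma)]

def update_centers(points, weights):
    dim = len(points[0])
    return [tuple(sum(w * p[j] for w, p in zip(ws, points)) / sum(ws) for j in range(dim))
            for ws in weights]

def pfcm(points, centers, a=1.0, b=1.0, m=2.0, eta=2.0, iters=30):
    for _ in range(iters):  # stage 1: plain FCM to place the centers
        u = memberships(points, centers, m)
        centers = update_centers(points, [[x ** m for x in row] for row in u])
    u = memberships(points, centers, m)
    # gamma_i: membership-weighted mean squared distance of cluster i (assumed K = 1)
    gamma = [sum(x ** m * dist2(p, v) for x, p in zip(row, points)) / sum(x ** m for x in row)
             for row, v in zip(u, centers)]
    for _ in range(iters):  # stage 2: PFCM updates with weights a*u^m + b*t^eta
        u = memberships(points, centers, m)
        t = typicalities(points, centers, gamma, b, eta)
        centers = update_centers(points, [[a * x ** m + b * y ** eta for x, y in zip(ru, rt)]
                                          for ru, rt in zip(u, t)])
    return centers, memberships(points, centers, m), typicalities(points, centers, gamma, b, eta)

if __name__ == "__main__":
    centers, u, t = pfcm(POINTS, [(0.0, 0.0), (6.0, 6.0)])
    print("noise memberships :", [round(row[-1], 3) for row in u])
    print("noise typicalities:", [round(row[-1], 3) for row in t])
```

The noise record receives roughly equal FCM memberships in both clusters, while its typicality stays low in both, which is the signal a downstream scoring stage can use to set it apart.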

1. Introduction

Intrusion is a critical and important security problem for cloud computing. It is one of the important issues in all networks, especially in cloud computing, where all the services are served via the Internet. The term intrusion can be defined as the process of entering a network without proper authentication (Ragendran et al., 2015). The IDS is the most commonly used mechanism to detect various attacks on the cloud (Kene et al., 2015). The ideal IDS is one that has 100% detection efficiency against the possible vulnerabilities. It can be designed based on detection techniques, deployment location, and alert mechanism; intrusions can be detected by anomaly or signature-based detection techniques (Deshpande et al., 2018). An IDS is a security tool that captures and monitors network traffic and/or system logs and scans the system or network for suspicious activities. It further alerts the system or cloud administrator about the attacks. Different intrusion detection techniques used in a cloud environment include misuse detection, anomaly detection, virtual machine introspection (VMI), hypervisor introspection (HVI) and a combination of hybrid techniques (Mishra et al., 2017).

A hypervisor-based cloud intrusion detection system does not require additional software installed in virtual machines and has many advantages compared to host-based and network-based intrusion detection systems; it can complement these traditional approaches to intrusion detection. One automated security control recommended by the Cloud Security Alliance for cloud computing environments is an intrusion detection system. Network intrusion detection systems attempt to address attacks from outsiders and generally have limited effectiveness against insider attacks (Nikolai & Yong, 2014). As far as IDS is concerned, the classification of various attacks is crucial. Based on the classification, the IDS can generate alerts to the user or the administrator against unauthorized access or malicious activities (Deshpande et al., 2018). In IDS, two types of threats are considered in a cloud network, namely insider (attackers within the cloud network) and outsider (attackers outside the cloud network) (Ghosh et al., 2015). As a traditional security approach, the intrusion detection system (IDS) is a dynamic discipline that has been associated with diverse techniques (Gai et al., 2016). The IDS has become the most commonly used component of computer system security and compliance practices that defends network-accessible cloud resources and services from various kinds of threats and attacks (Chiba, 2016).
