An Improved Intrusion Detection System to Preserve Security in Cloud Environment

Partha Ghosh (Netaji Subhash Engineering College, MAKAUT, Kolkata, India), Sumit Biswas (Tata Consultancy Services Ltd, Mumbai, India), Shivam Shakti (Netaji Subhash Engineering College, MAKAUT, Kolkata, India) and Santanu Phadikar (Maulana Abul Kalam Azad University of Technology, Kolkata, India)
Copyright: © 2020 | Pages: 14
DOI: 10.4018/IJISP.2020010105

Abstract

Cloud computing, also known as on-demand computing, provides different kinds of services to its users. As the name suggests, its increasing demand makes it prone to various intruders who affect the privacy and integrity of the data stored in the cloud. To cope with this situation, intrusion detection systems (IDS) are implemented in the cloud. An effective IDS consists of an algorithm that is less time-consuming, has lower space complexity, and has higher accuracy. To achieve this, the number of features is reduced while keeping the loss of information minimal. In this paper, the authors propose a model in which features are selected on the basis of mutual information gain among correlated features. They first group the features according to their correlation. Then, from each group, the features with the highest mutual information gain are selected. This yields a reduced feature set that provides quick learning and thus produces a better IDS to secure the data in the cloud.

Introduction

Cloud computing is a widespread term for the delivery of hosted services over the Internet. It has evolved into one of the most vital dimensions of the modern software industry by making a transition from computing-as-a-product to computing-as-a-service (Murugesan, 2011). Instead of setting up a physical infrastructure, the Cloud offers applications, software, platforms, etc. as a service, and users pay only for the resources they consume (Singh & Jangwal, 2012). Since data in a Cloud Environment arrives from different heterogeneous sources, understanding the associated vulnerabilities is the foremost job (Grobauer, Walloschek, & Stöcker, 2011), followed by providing a way to maintain the integrity, confidentiality and availability of the incoming and outgoing data. Hamlen et al. (Hamlen, Kantarcioglu, Khan, & Thuraisingham, 2010) have discussed the various security issues of the Cloud. An IDS is one solution that provides data security to the Cloud Environment. Based on deployment, IDS have two models: Host Based IDS (HIDS) and Network Based IDS (NIDS). A HIDS attempts to recognize unauthorized, abnormal behaviors on a specific device (Hu, 2010). It uses both Anomaly Based and Misuse Based Detection Techniques and plays a very compliant role in identifying issues, logging records and alerting the admin if there is any security issue. A NIDS, by contrast, works entirely on network traffic. It captures Ethernet packets and scans them in real time to decide whether they constitute an attack (Mukherjee, Heberlein, & Levitt, 1994). The number of unnecessary alerts generated by an Anomaly Based IDS, which causes a high false alarm rate, can be reduced, as demonstrated by Hacini et al. (Hacini & Guessoum, 2013).

Because network traffic is huge, analysing packets in real time is very time-consuming; for better performance, IDS are therefore extensively combined with various data mining algorithms (Yanjie, 2015). To enhance performance further, pre-processing of the data becomes inevitable, as it reduces the dimensions quite significantly (Said, Stirling, Federolf, & Barker, 2011). Feature Selection is one of the most widely used pre-processing techniques; it eliminates irrelevant and homogeneous features from a given feature set (Mladeni, 2006). Another pre-processing technique is Clustering, which helps to eliminate outliers and noise and to group similar kinds of objects. Objects can be either instances or features (Kryszkiewicz & Skonieczny, 2005). For experimental purposes, the authors have used the NSL-KDD dataset for training and testing. In this paper, the authors first design a fully connected weighted graph of features, where each node represents a feature. Core Clusters are then created by removing inconsistent edges. Next, the relevant features, those with high Mutual Information values, are selected from each core to obtain the Relevant Feature Set (RFS). Using these methods, the authors propose an Anomaly Based Intrusion Detection System.
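
The pipeline outlined above (feature graph, core clusters, one high-mutual-information feature per cluster), as an added sketch that is not the authors' code. The preview does not define the edge weight or an "inconsistent" edge, so this assumes the weight is absolute Pearson correlation, an edge is dropped when it falls below a threshold, and a core cluster is a connected component; the column names follow NSL-KDD, and the values are constructed.

```python
import math
from collections import Counter
from itertools import combinations

def pearson(x, y):
    """Pearson correlation; 0.0 for a constant column (no usable edge)."""
    mx, my = sum(x) / len(x), sum(y) / len(y)
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sx = math.sqrt(sum((a - mx) ** 2 for a in x))
    sy = math.sqrt(sum((b - my) ** 2 for b in y))
    return cov / (sx * sy) if sx and sy else 0.0

def mutual_info(x, y):
    """I(X;Y) in bits between two discrete sequences."""
    n, pxy, px, py = len(x), Counter(zip(x, y)), Counter(x), Counter(y)
    return sum(c / n * math.log2(c * n / (px[a] * py[b]))
               for (a, b), c in pxy.items())

def core_clusters(columns, threshold):
    """Assumed reading: drop edges with |r| < threshold, keep connected components."""
    parent = {f: f for f in columns}
    def find(f):
        while parent[f] != f:
            f = parent[f]
        return f
    for a, b in combinations(columns, 2):   # fully connected feature graph
        if abs(pearson(columns[a], columns[b])) >= threshold:
            parent[find(a)] = find(b)
    groups = {}
    for f in columns:
        groups.setdefault(find(f), []).append(f)
    return sorted(sorted(g) for g in groups.values())

def select_features(columns, labels, threshold=0.7):
    """One feature per cluster: the one sharing most information with the label."""
    return sorted(max(g, key=lambda f: mutual_info(columns[f], labels))
                  for g in core_clusters(columns, threshold))

# Constructed sample: 8 records, binarised values, label 1 = attack.
LABELS = [0, 0, 0, 0, 1, 1, 1, 1]
FEATURES = {
    "serror_rate":     [0, 0, 0, 0, 1, 1, 1, 1],
    "srv_serror_rate": [0, 0, 0, 1, 1, 1, 1, 1],
    "src_bytes":       [0, 0, 1, 1, 0, 1, 1, 1],
    "dst_bytes":       [0, 0, 1, 1, 0, 0, 1, 1],
}

if __name__ == "__main__":
    print(core_clusters(FEATURES, 0.7))
    print(select_features(FEATURES, LABELS))
```

Raising the threshold removes more edges and leaves more, smaller clusters, so fewer features are discarded; the threshold therefore trades model size against the information retained.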
