IDS Using Reinforcement Learning Automata for Preserving Security in Cloud Environment

IDS Using Reinforcement Learning Automata for Preserving Security in Cloud Environment

Partha Ghosh (Netaji Subhash Engineering College, Kolkata, India & Maulana Abul Kalam Azad University of Technology, Kolkata, India), Meghna Bardhan (Netaji Subhash Engineering College, Kolkata, India), Nilabhra Roy Chowdhury (Netaji Subhash Engineering College, Kolkata, India) and Santanu Phadikar (Maulana Abul Kalam Azad University of Technology, Kolkata, India)
Copyright: © 2017 |Pages: 17
DOI: 10.4018/IJISMD.2017100102

Abstract

Cloud computing relies on sharing computing resources. With high availability and accessibility of resources, cloud computing is under the threat of major cyber-attacks. To detect attacks and preserve security in cloud environment, having an efficient intrusion detection system (IDS) is required. In this article, an effective and efficient IDS is proposed to maintain high level security of data in cloud. The authors have incorporated Reinforcement Learning Automata with their proposed IDS while detecting and classifying attacks. Using learning automata an effective rule set is generated with the proposed algorithm from vast training set to improve the learning process at reduced computation cost and time. After which, the proposed reinforcement learning algorithm helps in classification of attacks accurately using the reinforcement signal. This proposed model was experimented with NSL-KDD as well as KDD 10% dataset and have proved its robustness by detecting attacks more accurately being an IDS.
Article Preview

Introduction

Cloud Computing is a type of Internet computing, where mutual resources and information are provided to devices on-demand. Cloud targets on maximizing effectiveness of mutual resources. Cloud can be shared by multiple users and also be dynamically allotted per demand (Moorthy & Rajeswari, 2013). It provides data availability assertion, fast accessibility, flexibility and scalability (Mohata et al., 2013). Cloud Computing comprises: Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS) (Mittal & Soni, 2013). It also plays a vital role in smart economy and has tremendous potential for growth. Data and information being most valuable assets are always at the risk of cyber-attacks. The rate of growth of data has increases by mammoth proportions with the invention of Cloud Computing and Big Data techniques. This furthermore increases the risk of intrusions and cyber data crimes happening. Thus, to fulfil the requirements such as confidentiality, integrity and availability the security policies are to be designed (Ledru et al., 2015). Firewalls and Intrusion Detection System (IDS) are designed to keep networks secured. A Firewall restricts access to network by screening traffic and deciding which packets should be allowed (Kanika and Urmila, 2013). Any unauthorised access to resources may hamper the security and privacy of the network is termed as intrusion. An IDS is a type of security management system which inspects all inbound and outbound network activity and identifies patterns that may indicate a network or system attack done by someone attempting to break into or compromise a system (Ghosh et al., 2015). IDS has two detection techniques, namely misuse and anomaly detection. The misuse is a signature-based detection approach and only those intrusion whose signatures are available can be detected. While anomaly-based detection approach measure deviation from the normal instances. So, an anomaly-based detection approach is capable to catch anonymous or new attacks (Nishani & Biba, 2015). With more sophisticated attacks, the safeguarding of security is becoming increasingly difficult. Denial of Service attack (DoS), Probe, Remote to Local attack (R2L), User to Root attack (U2R) are the major attacks that affect large number of computers daily in today’s world. In this paper, our aim is to detect attacks more efficiently and effectively, thereby preserving data security of shared information through Internet and other networks. With rise in data and easy accessibility of information made through Cloud environment, data security is at a constant threat. Already existing Firewalls and IDS have various limitations specially in detecting new sophisticated attacks. So, we have designed an IDS which can be trained with more updated data, thereby keeping the IDS always ready to catch even new and sophisticate attacks. We have found a way to deal with numerous data and make our IDS work with effectively reduced rule set thereby making our IDS fast with less computation and also classify attacks accurately as it occurs. NSL_KDD and KDD 10% dataset have been used in our experimental work. We have pre-processed the training dataset and extracted strong patterns with our proposed data mining technique. Attacks are then detected from the testing dataset using data classification and reinforcement learning. Reinforcement Learning Automata interacts with the environment and take actions to maximize cumulative reward depending upon the reinforcement signal thereby classifying test case accurately. Thus, in our proposed model we have incorporated Reinforcement Learning Automata with IDS in order to improve the performance of IDS while detecting and classifying attacks.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 10: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 9: 4 Issues (2018): Forthcoming, Available for Pre-Order
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing