Cloud Intrusion Detection Method Based on Stacked Contractive Auto-Encoder and Support Vector Machine
Abstract : Security issues have resulted in severe damage to the cloud computing environment, adversely affecting the healthy and sustainable development of cloud computing. Intrusion detection is one of the technologies for protecting the cloud computing environment from malicious attacks. However, network traffic in the cloud computing environment is characterized by large scale, high dimensionality, and high redundancy; these characteristics pose serious challenges to the development of cloud intrusion detection systems. Deep learning technology has shown considerable potential for intrusion detection. Therefore, this study aims to use deep learning to extract essential feature representations automatically and realize high detection performance efficiently. An effective stacked contractive auto encoder (SCAE) method is presented for unsupervised feature extraction. By using the SCAE method, better and robust low-dimensional features can be automatically learned from raw network traffic. A novel cloud intrusion detection system is designed on the basis of the SCAE and support vector machine (SVM) classification algorithm. The SCAE+SVM approach combines both deep and shallow learning techniques, and it fully exploits their advantages to significantly reduce the analytical overhead. Experiments show that the proposed SCAE+SVM method achieves higher detection performance compared to three other state-of-the-art methods on two well-known intrusion detection evaluation datasets, namely KDD Cup 99 and NSL-KDD.
Cloud computing is expected to provide on-demand, agile, and elastic services. Cloud networking extends cloud computing by providing virtualized networking functionalities and allows various optimizations, for example to reduce latency while increasing flexibility in the placement, movement, and interconnection of these virtual resources. However, this approach introduces new security challenges.
The existing cloud computing service provisioning models introduces network-related security challenges.
Some of these security challenges were described by Schoo et al., in [12], specifically information security, virtualization environment threats, and communication security.
In this paper, we propose a new intrusion detection model in which wecombine a newly proposed genetic based feature selection algorithm and an existing Fuzzy Support Vector Machines (SVM) for effective classification as a solution. The feature selection reduces the number of features by removing unimportant features, hence reducing runtime. Moreover, when the Fuzzy SVM classifier is used with the reduced feature set, it improves the detection accuracy. Experimental results of the proposed combination of feature selection and classification model detects anomalies with a low false alarm rate and a high detection rate when tested with the KDD Cup 99 data set.
The proposed ID Turnout to be a suitable solution to these issues. An IDS has become an essential component in security systems since it can be used to detect threats before they cause widespread damage.
The IDS proposed in this paper can be used to examine collected audit data. Intrusion detection paradigms are based uponmodelsof intrusive or innocent behavior, so that both internal and external intrusion attempts may be identified efficiently.
|