International Journal of Computer Network and Information Security (IJCNIS)
IJCNIS Vol. 11, No. 3, 8 Mar. 2019
Cover page and Table of Contents: PDF (size: 499KB)
Network Intrusion Detection System based PSO-SVM for Cloud Computing
Full Text (PDF, 499KB), PP.22-29
Views: 0 Downloads: 0
Author(s)
Index Terms
Cloud Computing, Intrusion Detection System, Anomaly Detection, Feature Selection, Particle Swarm Optimization
Abstract
Cloud computing provides and delivers a pool of on-demand and configurable resources and services that are delivered across the usage of the internet. Providing privacy and security to protect cloud assets and resources still a very challenging issue, since the distributed architecture of the cloud makes it vulnerable to the intruders. To mitigate this issue, intrusion detection systems (IDSs) play an important role in detecting the attacks in the cloud environment. In this paper, an anomaly-based network intrusion detection system (NIDS) is proposed which can monitor and analyze the network traffics flow that targets a cloud environment. The network administrator should be notified about the nature of these traffics to drop and block any intrusive network connections. Support vector machine (SVM) is employed as the classifier of the network connections. The binary-based Particle Swarm Optimization (BPSO) is adopted for selecting the most relevant network features, while the standard-based Particle Swarm Optimization (SPSO) is adopted for tuning the SVM control parameters. The benchmark NSL-KDD dataset is used as the network data source to build and evaluate the proposed system. Acceptable evaluation results state that the proposed system is characterized by detecting the intrusive network connections with high detection accuracy and low false alarm rates (FARs).
Cite This Paper
Mahmoud M. Sakr, Medhat A. Tawfeeq, Ashraf B. El-Sisi, "Network Intrusion Detection System based PSO-SVM for Cloud Computing", International Journal of Computer Network and Information Security(IJCNIS), Vol.11, No.3, pp.22-29, 2019. DOI:10.5815/ijcnis.2019.03.04
Reference
[1]P. Mell and T. Grance, The NIST Definition of Cloud Computing. NIST Special Publication, 2001. pp. 800-145.
[2]C. Modi, D. Patel, B. Borisaniya, H. Patel, A. Patel and M. Radaradan, A Survey of Intrusion Detection Techniques in Cloud. Journal of Network and Computer Applications, 2013. vol. 36, pp. 42–57.
[3]P. Mishra, E.S. Pilli, V. Varadharadan and U. Tupakula, Intrusion detection techniques in cloud environment. Journal of Network and Computer Applications, 2017. vol. 77, pp. 18-47.
[4]Amirreza Zarrabi and Alireza Zarrabi, Internet Intrusion Detection System Service in a Cloud. International Journal of Computer Science Issues, 2012. vol. 9, pp. 308-315.
[5]Partha Ghosh, A.K. Mandal and Rupesh Kumar, An Efficient Cloud Network Intrusion Detection System. Information Systems Design and Intelligent Applications, Advances in Intelligent Systems and Computing, Springer, 2015. vol. 339, pp. 91-99.
[6]Popoola, Ebenezer, A.O Adewumi, Efficient Feature Selection Technique for Network Intrusion Detection System Using Discrete Differential Evolution and Decision. International Journal of Network Security, 2017. vol. 19, pp. 660-669.
[7]Kevric, Dasmin, S. Dukic, A. Subasi, An effective combining classifier approaches using tree algorithms for network intrusion detection. Neural Computing and Applications, 2017. vol. 28, pp. 1051-1058.
[8]S. Mehibs and S. Hashim, Proposed Network Intrusion Detection System Based on Fuzzy C Mean Algorithm in Cloud Computing Environment. Journal of Babylon University/Pure and Applied Sciences, 2017. vol. 26, pp. 27-35.
[9]T. Pham, E. Foo, S. Suriadi and H. Jeffrey, Improving performance of intrusion detection system using ensemble methods and feature selection. Australasian Computer Science Week Multi conference, ACM, 2018. pp. 1-6.
[10]Vojislav Kecman, Support Vector Machines, Neural Networks, and Fuzzy Logic Models. Learning and Soft Computing. MIT Press, Cambridge, MA, 2001. pp. 122-184.
[11]Awad M and Khanna R, Support Vector Machines for Classification. Efficient Learning Machines, Apress, Berkeley, California, 2015. pp. 39-66.
[12]D. Kennedy and R. Eberhart, A discrete binary version of the particle swarm algorithm. IEEE International Conference on Systems, Man, and Cybernetics, Computational Cybernetics and Simulation, 1997. vol. 5, pp. 4104–4108.
[13]D. Kennedy and R. Eberhart, Particle swarm optimization. IEEE International Conference on Neural Networks, 1995. vol. 4, pp. 1942–1948.
[14]M. Tavallaee, E. Bagheri, W. Lu and A.A. Ghorbani, A detailed analysis of the KDD CUP 99 data set. IEEE International Conference on Computational Intelligence for Security and Defense Applications, 2009. pp. 53-58.
[15]A. Antony, R. Priyadharshini and D.L. Epiphany, Cuckoo Optimization based Intrusion Detection System for Cloud Computing. International Journal of Computer Network and Information Security, 2018. vol. 10, pp. 42-49.
[16]I.S. Thaseen and C.A. Kumar, Intrusion detection model using a fusion of chi-square feature selection and multiclass SVM. Journal of King Saud University - Computer and Information Sciences, 2017. vol. 29, pp. 462-472.
[17]M.E. Elhamahmy and I.A. Saroit, A new approach for evaluating intrusion detection system. Artificial Intelligent Systems and Machine Learning, 2010. vol. 2, pp. 290-298.
[18]J.R. Beulah and D.S. Punithavathani, Simple hybrid feature selection for enhancing network intrusion detection with NSL-KDD dataset. International Journal of Applied Engineering Research, 2015. vol. 10, pp. 40498–40505.
[19]L. Dhanabal and S.P. Shantharadah, A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. International Journal of Advanced Research in Computer and Communication Engineering, 2015. vol. 4, pp. 446–452.
[20]L. Dhanabal and S.P. Shantharadah, A study on NSL-KDD dataset for intrusion detection system based on classification algorithms. International Journal of Advanced Research in Computer and Communication Engineering, 2015. vol. 4, pp. 446–452.