A Clever Approach to Develop an Efficient Deep Neural Network Based IDS for Cloud Environments Using a Self-Adaptive Genetic Algorithm

2019 International Conference on Advanced Communication Technologies and Networking (CommNet) Pub Date : 2019-04-01 DOI:10.1109/COMMNET.2019.8742390

Z. Chiba, N. Abghour, K. Moussaid, Amina El Omri, M. Rida

{"title":"A Clever Approach to Develop an Efficient Deep Neural Network Based IDS for Cloud Environments Using a Self-Adaptive Genetic Algorithm","authors":"Z. Chiba, N. Abghour, K. Moussaid, Amina El Omri, M. Rida","doi":"10.1109/COMMNET.2019.8742390","DOIUrl":null,"url":null,"abstract":"Nowadays, Cloud Computing is one of the fastest growing and most used computing paradigms in the IT field. It is a computational platform that integrates massive computing, storage and network resources into a unified pool of resources, and offers them online over Internet to customers in an on-demand and pay-per-use fashion with least involvement of the cloud service provider. This new archetype characterized by big data and distributed technology uses such technology as multi-tenancy and virtualization, which brings along vulnerabilities, sharing risks and lead to different matters related to security and privacy in cloud computing (CC). Therefore, it is essential to create an efficient intrusion detection system to detect intruders and suspicious activities in and around the CC environment by monitoring network traffic, while maintaining performance and service quality. In this work, we propose a clever approach using a self-adaptive genetic algorithm (SAGA) to build automatically a Deep Neural Network (DNN) based Anomaly Network Intrusion Detection System (ANIDS). SAGA is a variant of standard Genetic Algorithm (GA), which is developed based on GA improved through an Adaptive Mutation Algorithm (AMA). Our method consists of using SAGA with the purpose of looking for the optimal or near optimal combination of most relevant values of the parameters included in building of DNN based IDS or impacting its performance, like feature selection, data normalization, architecture of DNN, activation function, learning rate and Momentum term, which ensure high detection rate, high accuracy and low false alarm rate. CloudSim 4.0 simulator platform and Kyoto 2006+ dataset version 2015 were employed for simulation and validation of the proposed system. The experimental results obtained demonstrate that in comparison to several traditional and recent approaches, our proposed IDS achieves higher detection rate and lower false positive rate.","PeriodicalId":274754,"journal":{"name":"2019 International Conference on Advanced Communication Technologies and Networking (CommNet)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 International Conference on Advanced Communication Technologies and Networking (CommNet)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COMMNET.2019.8742390","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

Abstract

Nowadays, Cloud Computing is one of the fastest growing and most used computing paradigms in the IT field. It is a computational platform that integrates massive computing, storage and network resources into a unified pool of resources, and offers them online over Internet to customers in an on-demand and pay-per-use fashion with least involvement of the cloud service provider. This new archetype characterized by big data and distributed technology uses such technology as multi-tenancy and virtualization, which brings along vulnerabilities, sharing risks and lead to different matters related to security and privacy in cloud computing (CC). Therefore, it is essential to create an efficient intrusion detection system to detect intruders and suspicious activities in and around the CC environment by monitoring network traffic, while maintaining performance and service quality. In this work, we propose a clever approach using a self-adaptive genetic algorithm (SAGA) to build automatically a Deep Neural Network (DNN) based Anomaly Network Intrusion Detection System (ANIDS). SAGA is a variant of standard Genetic Algorithm (GA), which is developed based on GA improved through an Adaptive Mutation Algorithm (AMA). Our method consists of using SAGA with the purpose of looking for the optimal or near optimal combination of most relevant values of the parameters included in building of DNN based IDS or impacting its performance, like feature selection, data normalization, architecture of DNN, activation function, learning rate and Momentum term, which ensure high detection rate, high accuracy and low false alarm rate. CloudSim 4.0 simulator platform and Kyoto 2006+ dataset version 2015 were employed for simulation and validation of the proposed system. The experimental results obtained demonstrate that in comparison to several traditional and recent approaches, our proposed IDS achieves higher detection rate and lower false positive rate.

查看原文本刊更多论文

一种利用自适应遗传算法开发基于深度神经网络的云环境IDS的聪明方法

如今，云计算是IT领域发展最快、使用最多的计算范式之一。它是一个计算平台，将大量的计算、存储和网络资源集成到一个统一的资源池中，并通过互联网以按需和按使用付费的方式在线提供给客户，而云服务提供商的参与最少。这种以大数据和分布式技术为特征的新原型使用了多租户和虚拟化等技术，这带来了云计算(CC)中的漏洞，共享风险并导致与安全性和隐私相关的不同问题。因此，必须创建一个有效的入侵检测系统，通过监控网络流量来检测CC环境内外的入侵者和可疑活动，同时保持性能和服务质量。在这项工作中，我们提出了一种巧妙的方法，使用自适应遗传算法(SAGA)自动构建基于深度神经网络(DNN)的异常网络入侵检测系统(ANIDS)。SAGA是标准遗传算法(GA)的一种变体，它是在遗传算法的基础上，通过自适应突变算法(AMA)改进而来的。我们的方法由SAGA组成，目的是寻找基于DNN的IDS构建或影响其性能的参数(如特征选择、数据归一化、DNN架构、激活函数、学习率和动量项)中最相关值的最优或接近最优组合，从而确保高检测率、高精度和低虚警率。采用CloudSim 4.0仿真平台和京都2006+数据集版本2015对所提出的系统进行了仿真和验证。实验结果表明，与几种传统和最新的检测方法相比，本文提出的检测方法具有更高的检测率和更低的误报率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2019 International Conference on Advanced Communication Technologies and Networking (CommNet)

自引率

0.00%

发文量