Dual stage ensemble technique for intrusion detection in cloud computing

Web Intell. Pub Date : 2023-03-22 DOI:10.3233/web-221800

P. Neelakantan, N. Yadav

{"title":"Dual stage ensemble technique for intrusion detection in cloud computing","authors":"P. Neelakantan, N. Yadav","doi":"10.3233/web-221800","DOIUrl":null,"url":null,"abstract":"A capability of cloud-based IDS in identifying complicated and anonymous attacks is rising in the current era. However, unwanted delays hinder the detection rate. A malicious user might utilize vast quantities of computational power. The cloud provides to perform attacks both within and without the cloud. Furthermore, there are major challenges for intrusion detection due to the ease of the cloud and also the continual restructuring and movement of cloud resources. Intruder detection, feature extraction, and data processing are all included in the novel optimization-based Intrusion Detection System (IDS) paradigm that will be presented in this study. Data normalization is used to first pre-process the input data. Then, appropriate feature extraction is carried out, including the extraction of (a) raw features, (b) statistical features, then (c) higher-order statistical features using suggested kurtosis. The detection phase is then applied to the retrieved features. A two-stage ensemble method is suggested for finding intruders in clouds. Random forest (RF), Support Vector Machine (SVM), optimal Neural Network (NN), and RNN make up the suggested ensemble technique. The RF, SVM, and Optimized NN algorithms are directly fed the collected features. The output of these classifiers is then provided to the RNN classifier (i.e.), RF output to RNN1, SVM output to RNN2, and optimized NN output to RNN3. Then, the weighted average of RNN 1, 2, and 3 is considered as the final output. A Self Adaptive Salp Swarm Optimization optimizes the weights of NN for exact detection (SA-SSO). Finally, a test is conducted to confirm the developed model’s superiority.","PeriodicalId":245783,"journal":{"name":"Web Intell.","volume":"52 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-03-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Web Intell.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3233/web-221800","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

A capability of cloud-based IDS in identifying complicated and anonymous attacks is rising in the current era. However, unwanted delays hinder the detection rate. A malicious user might utilize vast quantities of computational power. The cloud provides to perform attacks both within and without the cloud. Furthermore, there are major challenges for intrusion detection due to the ease of the cloud and also the continual restructuring and movement of cloud resources. Intruder detection, feature extraction, and data processing are all included in the novel optimization-based Intrusion Detection System (IDS) paradigm that will be presented in this study. Data normalization is used to first pre-process the input data. Then, appropriate feature extraction is carried out, including the extraction of (a) raw features, (b) statistical features, then (c) higher-order statistical features using suggested kurtosis. The detection phase is then applied to the retrieved features. A two-stage ensemble method is suggested for finding intruders in clouds. Random forest (RF), Support Vector Machine (SVM), optimal Neural Network (NN), and RNN make up the suggested ensemble technique. The RF, SVM, and Optimized NN algorithms are directly fed the collected features. The output of these classifiers is then provided to the RNN classifier (i.e.), RF output to RNN1, SVM output to RNN2, and optimized NN output to RNN3. Then, the weighted average of RNN 1, 2, and 3 is considered as the final output. A Self Adaptive Salp Swarm Optimization optimizes the weights of NN for exact detection (SA-SSO). Finally, a test is conducted to confirm the developed model’s superiority.

查看原文本刊更多论文

云计算中入侵检测的双阶段集成技术

在当今时代，基于云的IDS识别复杂和匿名攻击的能力正在上升。然而，不必要的延迟会阻碍检测率。恶意用户可能会利用大量的计算能力。云提供了在云内和云外执行攻击的能力。此外，由于云的易用性以及云资源的不断重组和移动，入侵检测面临着重大挑战。入侵者检测、特征提取和数据处理都包含在本研究中提出的基于优化的入侵检测系统(IDS)范例中。数据规范化用于首先对输入数据进行预处理。然后，进行适当的特征提取，包括提取(a)原始特征，(b)统计特征，然后(c)使用建议峰度的高阶统计特征。然后将检测阶段应用于检索到的特征。提出了一种寻找云中入侵者的两阶段集合方法。随机森林(RF)、支持向量机(SVM)、最优神经网络(NN)和RNN构成了建议的集成技术。射频、支持向量机和优化的神经网络算法直接输入收集到的特征。然后将这些分类器的输出提供给RNN分类器(即)，RF输出到RNN1, SVM输出到RNN2，优化的NN输出到RNN3。然后，将RNN 1、2、3的加权平均作为最终输出。一种自适应Salp群优化算法对神经网络的权值进行优化以实现精确检测(SA-SSO)。最后通过实验验证了所建模型的优越性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Web Intell.

自引率

0.00%

发文量