Title: klm-PPSA v. 1.1: machine learning-augmented profiling and preventing security attacks in cloud environments
Authors: Nahid Eddermoug, Abdeljebar Mansour, Mohamed Sadik, Essaid Sabir, Mohamed Azmi
Journal: Annals of Telecommunications, vol. 78 (11-12), pp. 729-755
Publication date: 2023-07-17
Publication type: Journal Article
DOI: 10.1007/s12243-023-00971-w
URL: https://link.springer.com/article/10.1007/s12243-023-00971-w
Impact factor: 1.8
JCR: Q3 (TELECOMMUNICATIONS)
Region: 4 (Computer Science)
Open access: No
Platform: Semanticscholar
Citation count: 2
Abstract
Nowadays, cloud computing is one of the key enablers for productivity in different domains. However, this technology is still subject to security attacks. This article aims at overcoming the limitations of detecting unknown attacks by “intrusion detection and prevention systems (IDPSs)” while addressing the black-box issue (lack of interpretability) of the widely used machine learning (ML) models in cybersecurity. We propose a “klm-based profiling and preventing security attacks (klm-PPSA)” system (v. 1.1) to detect, profile, and prevent both known and unknown security attacks in cloud environments or even cloud-based IoT. This system is based on klm security factors related to passwords, biometrics, and keystroke techniques. Besides, two sub-schemes of the system were developed based on the updated and improved version of the klm-PPSA scheme (v. 1.1) to analyze the impact of these factors on the performance of the generated models (k-PPSA, km-PPSA, and klm-PPSA). The models were built using two accurate and interpretable ML algorithms: regularized class association rules (RCAR) and classification based on associations (CBA). The empirical results show that klm-PPSA is the best model compared to other models owing to its high performance and attack prediction capability using RCAR/CBA. In addition, RCAR performs better than CBA.
About the journal:
Annals of Telecommunications is an international journal publishing original peer-reviewed papers in the field of telecommunications. It covers all the essential branches of modern telecommunications, ranging from digital communications to communication networks and the internet, to software, protocols and services, uses and economics. This large spectrum of topics accounts for the rapid convergence through telecommunications of the underlying technologies in computers, communications, content management towards the emergence of the information and knowledge society. As a consequence, the Journal provides a medium for exchanging research results and technological achievements accomplished by the European and international scientific community from academia and industry.