Enhancing cloud security: A study on ensemble learning-based intrusion detection systems

Cloud computing has become an essential technology for people and enterprises due to the simplicity and rapid availability of services on the internet. These services are usually delivered through a third party, which provides the required resources for users. Therefore, because of the distributed complexity and increased spread of this type of environment, many attackers are attempting to access sensitive data from users and organizations. One counter technique is the use of intrusion detection systems (IDSs), which detect attacks within the cloud environment by monitoring traffic activity. However, since the computing environment varies from the environments of most traditional systems, it is difficult for IDSs to identify attacks and continual changes in attack patterns. Therefore, a system that uses an ensemble learning algorithm is proposed. Ensemble learning is a machine learning technique that collects information from weak classifiers and creates one robust classifier with higher accuracy than the individual weak classifiers. The bagging technique is used with a random forest algorithm as a base classifier and compared to three boosting classifiers: Ensemble AdaBoost, Ensemble LPBoost, and Ensemble RUSBoost. The CICID2017 dataset is utilized to develop the proposed IDS to satisfy cloud computing requirements. Each classifier is also tested on various subdatasets individually to analyze the performance. The results show that Ensemble RUSBoost has the best average performance overall with 99.821% accuracy. Moreover, bagging achieves the best performance on the DS2 subdataset, with an accuracy of 99.997%. The proposed model is also compared to a model from the literature to show the differences and demonstrate its effectiveness.