{"title":"加强云安全:基于集合学习的入侵检测系统研究","authors":"Maha Al-Sharif, Anas Bushnag","doi":"10.1049/cmu2.12801","DOIUrl":null,"url":null,"abstract":"<p>Cloud computing has become an essential technology for people and enterprises due to the simplicity and rapid availability of services on the internet. These services are usually delivered through a third party, which provides the required resources for users. Therefore, because of the distributed complexity and increased spread of this type of environment, many attackers are attempting to access sensitive data from users and organizations. One counter technique is the use of intrusion detection systems (IDSs), which detect attacks within the cloud environment by monitoring traffic activity. However, since the computing environment varies from the environments of most traditional systems, it is difficult for IDSs to identify attacks and continual changes in attack patterns. Therefore, a system that uses an ensemble learning algorithm is proposed. Ensemble learning is a machine learning technique that collects information from weak classifiers and creates one robust classifier with higher accuracy than the individual weak classifiers. The bagging technique is used with a random forest algorithm as a base classifier and compared to three boosting classifiers: Ensemble AdaBoost, Ensemble LPBoost, and Ensemble RUSBoost. The CICID2017 dataset is utilized to develop the proposed IDS to satisfy cloud computing requirements. Each classifier is also tested on various subdatasets individually to analyze the performance. The results show that Ensemble RUSBoost has the best average performance overall with 99.821% accuracy. Moreover, bagging achieves the best performance on the DS2 subdataset, with an accuracy of 99.997%. The proposed model is also compared to a model from the literature to show the differences and demonstrate its effectiveness.</p>","PeriodicalId":55001,"journal":{"name":"IET Communications","volume":"18 16","pages":"950-965"},"PeriodicalIF":1.5000,"publicationDate":"2024-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cmu2.12801","citationCount":"0","resultStr":"{\"title\":\"Enhancing cloud security: A study on ensemble learning-based intrusion detection systems\",\"authors\":\"Maha Al-Sharif, Anas Bushnag\",\"doi\":\"10.1049/cmu2.12801\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Cloud computing has become an essential technology for people and enterprises due to the simplicity and rapid availability of services on the internet. These services are usually delivered through a third party, which provides the required resources for users. Therefore, because of the distributed complexity and increased spread of this type of environment, many attackers are attempting to access sensitive data from users and organizations. One counter technique is the use of intrusion detection systems (IDSs), which detect attacks within the cloud environment by monitoring traffic activity. However, since the computing environment varies from the environments of most traditional systems, it is difficult for IDSs to identify attacks and continual changes in attack patterns. Therefore, a system that uses an ensemble learning algorithm is proposed. Ensemble learning is a machine learning technique that collects information from weak classifiers and creates one robust classifier with higher accuracy than the individual weak classifiers. The bagging technique is used with a random forest algorithm as a base classifier and compared to three boosting classifiers: Ensemble AdaBoost, Ensemble LPBoost, and Ensemble RUSBoost. The CICID2017 dataset is utilized to develop the proposed IDS to satisfy cloud computing requirements. Each classifier is also tested on various subdatasets individually to analyze the performance. The results show that Ensemble RUSBoost has the best average performance overall with 99.821% accuracy. Moreover, bagging achieves the best performance on the DS2 subdataset, with an accuracy of 99.997%. The proposed model is also compared to a model from the literature to show the differences and demonstrate its effectiveness.</p>\",\"PeriodicalId\":55001,\"journal\":{\"name\":\"IET Communications\",\"volume\":\"18 16\",\"pages\":\"950-965\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2024-07-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1049/cmu2.12801\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Communications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/cmu2.12801\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"ENGINEERING, ELECTRICAL & ELECTRONIC\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Communications","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cmu2.12801","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
Enhancing cloud security: A study on ensemble learning-based intrusion detection systems
Cloud computing has become an essential technology for people and enterprises due to the simplicity and rapid availability of services on the internet. These services are usually delivered through a third party, which provides the required resources for users. Therefore, because of the distributed complexity and increased spread of this type of environment, many attackers are attempting to access sensitive data from users and organizations. One counter technique is the use of intrusion detection systems (IDSs), which detect attacks within the cloud environment by monitoring traffic activity. However, since the computing environment varies from the environments of most traditional systems, it is difficult for IDSs to identify attacks and continual changes in attack patterns. Therefore, a system that uses an ensemble learning algorithm is proposed. Ensemble learning is a machine learning technique that collects information from weak classifiers and creates one robust classifier with higher accuracy than the individual weak classifiers. The bagging technique is used with a random forest algorithm as a base classifier and compared to three boosting classifiers: Ensemble AdaBoost, Ensemble LPBoost, and Ensemble RUSBoost. The CICID2017 dataset is utilized to develop the proposed IDS to satisfy cloud computing requirements. Each classifier is also tested on various subdatasets individually to analyze the performance. The results show that Ensemble RUSBoost has the best average performance overall with 99.821% accuracy. Moreover, bagging achieves the best performance on the DS2 subdataset, with an accuracy of 99.997%. The proposed model is also compared to a model from the literature to show the differences and demonstrate its effectiveness.
期刊介绍:
IET Communications covers the fundamental and generic research for a better understanding of communication technologies to harness the signals for better performing communication systems using various wired and/or wireless media. This Journal is particularly interested in research papers reporting novel solutions to the dominating problems of noise, interference, timing and errors for reduction systems deficiencies such as wasting scarce resources such as spectra, energy and bandwidth.
Topics include, but are not limited to:
Coding and Communication Theory;
Modulation and Signal Design;
Wired, Wireless and Optical Communication;
Communication System
Special Issues. Current Call for Papers:
Cognitive and AI-enabled Wireless and Mobile - https://digital-library.theiet.org/files/IET_COM_CFP_CAWM.pdf
UAV-Enabled Mobile Edge Computing - https://digital-library.theiet.org/files/IET_COM_CFP_UAV.pdf