دانلود رایگان مقاله انگلیسی توزیع سیستم تشخیص نفوذ برای محیط های ابر بر اساس تکنیک های داده کاوی - الزویر 2018

عنوان فارسی
توزیع سیستم تشخیص نفوذ برای محیط های ابر بر اساس تکنیک های داده کاوی
عنوان انگلیسی
Distributed Intrusion Detection System for Cloud Environments based on Data Mining techniques
صفحات مقاله فارسی
0
صفحات مقاله انگلیسی
7
سال انتشار
2018
نشریه
الزویر - Elsevier
فرمت مقاله انگلیسی
PDF
نوع مقاله
ISI
نوع نگارش
مقالات پژوهشی (تحقیقاتی)
رفرنس
دارد
پایگاه
اسکوپوس
کد محصول
E10164
رشته های مرتبط با این مقاله
مهندسی کامپیوتر، فناوری اطلاعات
گرایش های مرتبط با این مقاله
رایانش ابری، امنیت اطلاعات، هوش مصنوعی، سامانه های شبکه ای
مجله
مجله علوم کامپیوتر پروسیدیا - Procedia Computer Science
دانشگاه
aLabSIV - Department of Computer Science - Faculty of Science - Ibn Zohr University - Morocco
کلمات کلیدی
سیستم های تشخیص نفوذ، محاسبات ابری،، یادگیری ماشین، هادوپ، کاهش نگاشت
doi یا شناسه دیجیتال
https://doi.org/10.1016/j.procs.2018.01.095
۰.۰ (بدون امتیاز)
امتیاز دهید
چکیده

Abstract


Nearly two decades after its emergence, the Cloud Computing remains gaining traction among organizations and individual users. Many security issues arise with the transition to this computing paradigm including intrusions detection. Intrusion and attack tools have become more sophisticated defeating traditional Intrusion Detection Systems (IDS) by large amount of network traffic data and dynamic behaviors. The existing Cloud IDSs suffer form low detection accuracy, high false positive rate and high running time. In this paper we present a distributed Machine Learning based intrusion detection system for Cloud environments. The proposed system is designed to be inserted in the Cloud side by side with the edge network components of the Cloud provider. This allows to intercept incoming network traffic to the edge network routers of the physical layer. A time-based sliding window algorithm is used to preprocess the captured network traffic on each Cloud router and pass it to an anomaly detection module using Naive Bayes classifier. A set of commodity server nodes based on Hadoop and MapReduce are available for each anomaly detection module to use when the network congestion increases. For each time window, the anomaly network traffic data on each router side are synchronized to a central storage server. Next, an ensemble learning classifiers based on the Random Forest is used to perform a final multi-class classification step in order to detect the type of each attack. Various experiment are performed in the Google Cloud Platform in order to assess the proposed system using the CIDDS-001 public dataset. The obtained results are satisfactory when compared to a standard Random Forest classifier. The system achieved an average accuracy of 97%, an average false positive rate of 0.21% and an average running time of 6.23s.

نتیجه گیری

Conclusion


In this paper a distributed intrusion detection system for Cloud environments is proposed. The proposed IDS constitutes of 5 principal modules. The network traffic module capture the incoming network traffic to the Cloud on each one of the edge network routers in a 5 minutes time window basis. The captured data are then preprocessed and passed to a first anomaly detection step using a Naive Bayes model. Next, the suspected traffic at each network router side are synchronized to central server. Then, an ensemble learning classifier based on Random Forest is used to classify the network traffic data available on the central storage server and detect the types of each attack. The proposed IDS is implemented on the Google Cloud Platform and tested using the CIDDS-001 public dataset. The experimental results are satisfactory when compared to a standard Random Forest tested directly on the dataset. Despite, that the proposed IDS depicts high detection performances for several attack types included in the CIDDS001 public dataset, it is important to evaluate its performances in real world scenarios. For future work, we are planning to perform real world deployment of the IDS and evaluate it against several attack types.


بدون دیدگاه