Article details | |
Translated title | Distributed intrusion detection system for cloud environments based on data mining techniques |
English title | Distributed Intrusion Detection System for Cloud Environments based on Data Mining techniques |
Publication | 2018 article |
Number of pages (English article) | 7 pages |
Database | Elsevier |
Article type | Research article |
Base article | This is not a base article |
Related fields | Computer engineering, information technology |
Related specializations | Cloud computing, information security, artificial intelligence, networked systems |
Presentation type | Conference |
Journal / conference | Procedia Computer Science |
University | Department of Computer Science – Faculty of Science – Ibn Zohr University – Morocco |
Keywords (translated from Persian) | Intrusion detection systems, cloud computing, machine learning, Hadoop, MapReduce |
English keywords | Intrusion Detection Systems, Cloud Computing, Machine Learning, Hadoop, MapReduce |
DOI | https://doi.org/10.1016/j.procs.2018.01.095 |
Product code | E10164 |
Table of contents: |
Abstract
1 Introduction
2 Related works
3 CIDDS-001 dataset
4 The proposed intrusion detection system
5 Experiments
6 Results and Discussion
7 Conclusion
References
Excerpt from the article: |
Abstract
Nearly two decades after its emergence, Cloud Computing continues to gain traction among organizations and individual users. Many security issues arise with the transition to this computing paradigm, including intrusion detection. Intrusion and attack tools have become more sophisticated, defeating traditional Intrusion Detection Systems (IDS) with large amounts of network traffic data and dynamic behaviors. Existing Cloud IDSs suffer from low detection accuracy, a high false positive rate and high running time. In this paper we present a distributed Machine Learning based intrusion detection system for Cloud environments. The proposed system is designed to be inserted in the Cloud side by side with the edge network components of the Cloud provider. This allows it to intercept incoming network traffic to the edge network routers of the physical layer. A time-based sliding window algorithm is used to preprocess the captured network traffic on each Cloud router and pass it to an anomaly detection module using a Naive Bayes classifier. A set of commodity server nodes based on Hadoop and MapReduce is available for each anomaly detection module to use when network congestion increases. For each time window, the anomalous network traffic data on each router side are synchronized to a central storage server. Next, an ensemble learning classifier based on Random Forest is used to perform a final multi-class classification step in order to detect the type of each attack. Various experiments are performed on the Google Cloud Platform in order to assess the proposed system using the CIDDS-001 public dataset. The obtained results are satisfactory when compared to a standard Random Forest classifier. The system achieved an average accuracy of 97%, an average false positive rate of 0.21% and an average running time of 6.23s.
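The first stage described in the abstract (a time-based sliding window feeding a Naive Bayes anomaly detector) can be sketched as follows; this is an added example, not code from the paper, and it leaves out the Hadoop/MapReduce offload and the Random Forest stage. The per-window feature set, the window width and step, the training rows and the flow records are all assumptions constructed for illustration.

```python
import math

def sliding_windows(flows, width, step):
    """Yield (start, flows with start <= ts < start + width), advancing by step seconds."""
    flows = sorted(flows)
    t, last = (flows[0][0], flows[-1][0]) if flows else (0, -1)
    while t <= last:
        yield t, [f for f in flows if t <= f[0] < t + width]
        t += step

def features(window):
    """Assumed per-window features: flow count, distinct dst ports, mean bytes per flow."""
    n = len(window)
    return (n, len({f[2] for f in window}), sum(f[3] for f in window) / n if n else 0.0)

class GaussianNB:
    """Minimal Gaussian Naive Bayes: class prior plus independent per-feature normals."""
    def fit(self, X, y):
        self.model = {}
        for label in set(y):
            rows = [x for x, lab in zip(X, y) if lab == label]
            params = []
            for col in zip(*rows):
                mu = sum(col) / len(col)
                var = sum((v - mu) ** 2 for v in col) / len(col) + 1e-3  # variance floor
                params.append((mu, var))
            self.model[label] = (len(rows) / len(X), params)
        return self

    def predict(self, x):
        def log_posterior(label):
            prior, params = self.model[label]
            return math.log(prior) + sum(
                -0.5 * math.log(2 * math.pi * var) - (v - mu) ** 2 / (2 * var)
                for v, (mu, var) in zip(x, params))
        return max(self.model, key=log_posterior)

# Constructed training windows (count, distinct ports, mean bytes); not CIDDS-001 data.
TRAIN_X = [(5, 2, 800), (6, 3, 750), (4, 2, 900), (7, 3, 820),
           (120, 110, 60), (95, 90, 64), (150, 140, 58)]
TRAIN_Y = ["normal"] * 4 + ["anomaly"] * 3
# Constructed flows (ts_seconds, src_ip, dst_port, bytes): web traffic, then a port sweep.
FLOWS = [(t, "192.0.2.10", 443 if t % 4 else 80, 800) for t in range(0, 10, 2)]
FLOWS += [(s, "198.51.100.7", 1000 + (s - 10) * 10 + k, 60)
          for s in range(10, 20) for k in range(10)]

def classify_windows(flows, width=10, step=5):
    """Label each sliding window as 'normal' or 'anomaly' with the toy classifier."""
    nb = GaussianNB().fit(TRAIN_X, TRAIN_Y)
    return [(start, nb.predict(features(w))) for start, w in sliding_windows(flows, width, step)]
```

Because the windows overlap, the sweep that starts at t=10 is already flagged in the window beginning at t=5, one step before a non-overlapping window would catch it.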
Introduction
The appealing features of Cloud computing continue to fuel its integration in many sectors including industry, government, education and entertainment, to name a few [1]. Cloud computing aims to provide convenient, on-demand network access to a shared pool of configurable computing resources, which can be rapidly provisioned and released with minimal management effort or service provider interaction [2]. The pay-as-you-go and on-demand elastic operation characteristics of the Cloud are changing the enterprise computing model, shifting on-premises infrastructures to off-premises data centers, accessed over the Internet and managed by cloud hosting providers. However, many security issues arise with the transition to this computing paradigm, including intrusion detection. Regardless of the important evolution of information security technologies in recent years, intrusions and attacks continue to defeat existing intrusion detection systems in Cloud environments [3]. Attackers have developed new sophisticated techniques able to bring down an entire Cloud platform, or even many, within minutes. Attackers break new records each year. Recently a destructive DDoS attack brought down more than 70 vital Internet services including Github, Twitter, Amazon, Paypal, etc. Attackers have taken advantage of Cloud Computing and Internet of Things technologies to generate a huge amount of attack traffic: more than 665 Gb/s [4, 5]. Intrusion and attack tools have become more sophisticated, challenging existing Cloud IDSs with large volumes of network traffic data, dynamic and complex behaviors and new types of attacks. It is clear that an IDS for the Cloud should analyze large volumes of network traffic data, efficiently detect new attack behaviors and reach high accuracy with a low false positive rate. However, preprocessing, analyzing and detecting intrusions in Cloud environments using traditional techniques has become very costly in terms of computation, time and budget. Therefore, efficient intrusion detection in Cloud environments requires the adoption of new distributed and intelligent techniques such as Machine Learning techniques. |