تشخیص نفوذ در ابر رایانشی توسط تکنیک تشخیص ناهمگونی
محورهای موضوعی : پردازش چند رسانه ای، سیستمهای ارتباطی، سیستمهای هوشمندعلی غفاری 1 , روزبه حسین نژاد 2
1 - دانشیار دانشگاه آزاد اسلامی واحد تبریز، گروه مهندسی کامپیوتر، تبریز، ایران
2 - دانشگاه آزاد اسلامی واحد تبریز، گروه مهندسی کامپیوتر، تبریز، ایران
کلید واژه: ابر رایانشی, رفتار مغرضانه, رفتار نرمال, تشخیص ناهنجاری, پارامترهای رفتاری,
چکیده مقاله :
در سالهای اخیر، ظهور و گسترش روزافزون استفاده از رایانش ابری، درک همه از معماریهای زیرساخت، ارائه نرمافزار و مدلهای توسعه را به شدت تغییر داده است. پس از انتقال از رایانههای مرکزی به مدلهای سرویس گیرنده/سرویس دهنده، رایانش ابری عناصری از محاسبات گرید، محاسبات ابزار و محاسبات خودکار را در بر میگیرد و به یک معماری استقرار نوآورانه تبدیل میشود. این انتقال سریع به سمت رایانش ابری، نگرانیهایی برای موفقیت سیستمهای اطلاعاتی، ارتباطات و امنیت اطلاعات ایجاد کرده است. ساختار توزیع شده رایانش ابری به عنوان هدفی جذاب برای حملات سایبری بالقوه توسط نفوذگران تبدیل می شود. در این مقاله با استفاده از رویکرد تشخیص ناهنجاری، روشی برای تعبیه یک سیستم تشخیص نفوذ برای رایانش ابری ارائه شده است. لذا با مطالعه بر روی چگونگی بررسی پارامترها و نقش ترکیبی پارامترها در تشخیص نفوذ در ابر، به بررسی و ارائه چهارچوب نظری به همراه شبیهسازی رفتار مشکوک در ابر پرداخته شده است. منطقیترین روش برای شناسایی نفوذ، استفاده از روشهای همراه با ناظر برای یادگیری پارامترهای رفتار عادی مشتریان است. لذا تشخیص رفتار مغرضانه در قالب رفتار مشکوک، با یک شبیهسازی اولیه در قالب شناسایی رفتار غیرعادی در حیطههای مختلف رفتاری توسط شبکه عصبی تکرارکننده پیادهسازی شده و مورد بحث، بررسی و مقایسه قرار گرفت. نتایج حاصل از شبیهسازی روش پیشنهادی نشان میدهد که این تحقیق میتواند جنبههای جدیدی را برای بررسی مسئله تشخیص نفوذ در ابر ارائه کند و از روش دستهبندی نیز کارایی بهتری از خود نشان دهد.
Introduction: The distributed structure of cloud computing makes it an attractive target for potential cyberattacks by intruders. In this paper, using the anomaly detection approach, a method for embedding an intrusion detection system for cloud computing is presented. Therefore, by studying how to check the parameters and the combined role of the parameters in the detection of penetration in the cloud, a method for detecting suspicious behavior in the cloud is provided. The most logical way to detect an intrusion is to use supervised methods to learn the parameters of normal customer behavior. Therefore, the detection of biased behavior in the form of suspicious behavior was implemented and discussed, investigated, and compared with an initial simulation in the form of identifying abnormal behavior in different behavioral areas by the neural network.Method: In this article, the basis of abnormality detection in different aspects is to examine the behavior of users and use the capabilities of reproducing inputs in RNN neural networks. In these networks, during the training of the network, the weights are adjusted in such a way that they can minimize the average square of the error so that the network can produce common repeating patterns well. Therefore, after training, these networks cannot reproduce well the input patterns that are actually significantly different from the training samples. Hence, these networks are able to identify anomalies in the tested sets. Accordingly, RNN networks are used here to model normal behavior.Findings: The simulation results show that the proposed method, which is based on the recurrent neural network, can improve the false positive, false negative, and detection accuracy compared to the classification method.Discussion: In this article, the detection of biased behavior in the form of suspicious behavior was implemented and discussed, investigated, and compared with an initial simulation in the form of identifying abnormal behavior in different behavioral fields. The simulation results show that the proposed method, which is based on the iterative neural network, can improve the false positive, false negative, and detection accuracy compared to the classification method.
[1] Jaber, A. N., & Rehman, S. U. (2020). FCM–SVM based intrusion detection system for cloud computing environment. Cluster Computing, 1-11.
[2] Shamshirband, S., Fathi, M., Chronopoulos, A. T., Montieri, A., Palumbo, F., & Pescapè, A. (2020). Computational intelligence intrusion detection techniques in mobile cloud computing environments: Review, taxonomy, and open research issues. Journal of Information Security and Applications, 55, 102582.
[3] Krishnaveni, S., Sivamohan, S., Sridhar, S. S., & Prabakaran, S. (2021). Efficient feature selection and classification through ensemble method for network intrusion detection on cloud computing. Cluster Computing, 1-19.
[4] Zhang, Z., Wen, J., Zhang, J., Cai, X., & Xie, L. (2020). A many objective-based feature selection model for anomaly detection in cloud environment. IEEE Access, 8, 60218-60231.
[5] Wei, J., Long, C., Li, J., & Zhao, J. (2020). An intrusion detection algorithm based on bag representation with ensemble support vector machine in cloud computing. Concurrency and Computation: Practice and Experience, 32(24), e5922.
[6] Krishnaveni, S., Vigneshwar, P., Kishore, S., Jothi, B., & Sivamohan, S. (2020). Anomaly-based intrusion detection system using support vector machine. In Artificial Intelligence and Evolutionary Computations in Engineering Systems (pp. 723-731). Springer, Singapore.
[7] Aldribi, A., Traore, I., Moa, B., & Nwamuo, O. (2020). Hypervisor-based cloud intrusion detection through online multivariate statistical change tracking. Computers & Security, 88, 101646.
[8] Abdulqadder, I. H., Zhou, S., Zou, D., Aziz, I. T., & Akber, S. M. A. (2020). Multi-layered intrusion detection and prevention in the SDN/NFV enabled cloud of 5G networks using AI-based defense mechanisms. Computer Networks, 179, 107364.
[9] Alkadi, O., Moustafa, N., Turnbull, B., & Choo, K. K. R. (2020). A deep blockchain framework-enabled collaborative intrusion detection for protecting iot and cloud networks. IEEE Internet of Things Journal.
[10] Mugabo, E., & Zhang, Q. Y. (2020). Intrusion Detection Method Based on Support Vector Machine and Information Gain for Mobile Cloud Computing. IJ Network Security, 22(2), 231-241.
[11] Kushwah, G. S., & Ranga, V. (2020). Voting extreme learning machine based distributed denial of service attack detection in cloud computing. Journal of Information Security and Applications, 53, 102532.
[12] Kushwah, G.S. and Ranga, V., 2022. DDoS Attacks Detection in Cloud Computing Using ANN and Imperialistic Competitive Algorithm. In Artificial Intelligence and Sustainable Computing (pp. 253-263). Springer, Singapore.
[13] R. Sondhiya, M. Shreevastav, and M. Mishra, "To Improve Security in Cloud Computing with Intrusion detection system using Neural Network," International Journal of Soft Computing and Engineering (IJSCE) vol. 3, 2013.
[14] K. Zunnurhain, "FAPA: a model to prevent flooding attacks in clouds," in Proceedings of the 50th Annual Southeast Regional Conference, 2012, pp. 395-396.
[15] S. N. Dhage and B. Meshram, "Intrusion detection system in cloud computing environment," International Journal of Cloud Computing, 2012, vol. 1, pp.282-61.
[16] H. M. Alsafi, W. M. Abduallah, and A.-S. K. Pathan, "IDPS: an integrated intrusion handling model for cloud computing environment," International Journal of Computing & Information Technology (IJCIT), vol. 4, pp. 1-16, 2012.
[17] T. Vissers, T. S. Somasundaram, L. Pieters, K. Govindarajan, and P. Hellinckx, "DDoS defense system for web services in a cloud environment," Future Generation Computer Systems, vol. 37, pp. 37-45, 2014.
[18] Kim, M., Ou, E., Loh, P. L., Allen, T., Agasie, R., & Liu, K. (2020). RNN-Based online anomaly detection in nuclear reactors for highly imbalanced datasets with uncertainty. Nuclear Engineering and Design, 364, 110699.
[19] Wei, G., & Wang, Z. (2021). Adoption and realization of deep learning in network traffic anomaly detection device design. Soft Computing, 25(2), 1147-1158.
[20] Chaibi, N., Atmani, B., & Mokaddem, M. (2020, October). Deep Learning Approaches to Intrusion Detection: A new Performance of ANN and RNN on NSL-KDD. In Proceedings of the 1st International Conference on Intelligent Systems and Pattern Recognition (pp. 45-49).
[21] Murugesan, M., & Thilagamani, S. (2020). Efficient anomaly detection in surveillance videos based on multi layer perception recurrent neural network. Microprocessors and Microsystems, 79, 103303.
[22] Wu, D., Zhu, H., Zhu, Y., Chang, V., He, C., Hsu, C. H., ... & Huang, Z. (2020). Anomaly Detection Based on RBM-LSTM Neural Network for CPS in Advanced Driver Assistance System. ACM Transactions on Cyber-Physical Systems, 4(3), 1-17.
[23] Yin, C., Zhang, S., Wang, J., & Xiong, N. N. (2020). Anomaly detection based on convolutional recurrent autoencoder for IoT time series. IEEE Transactions on Systems, Man, and Cybernetics: Systems.
[24] Luo, D., Lu, J., & Guo, G. (2020). Road Anomaly Detection Through Deep Learning Approaches. IEEE Access, 8, 117390-117404.
_||_