Skip to main content
SpringerLink
Log in
Book cover

International Conference on Networked Systems

NETYS 2019: Networked Systems pp 235–249Cite as

An Efficient Network IDS for Cloud Environments Based on a Combination of Deep Learning and an Optimized Self-adaptive Heuristic Search Algorithm

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 11704))

Abstract

Nowadays, Cloud Computing (CC) is one of the fastest emerging core technologies in the current information era. It is leading a new revolution on the ways of data storage and calculation. CC remains gaining traction among organizations thanks to its appealing features like pay-per-use model for billing customers, elasticity, ubiquity, scalability and availability of resources for businesses. Hence, many organizations are moving their workloads or processes to cloud due to its inherent advantages. Nevertheless, several security issues arise with the transition to this computing paradigm including intrusion detection. Attackers and intruders developed new sophisticated tools defeating traditional Intrusion Detection Systems (IDS) by huge amount of network traffic data and dynamic behaviors. The existing Cloud IDSs suffer from low detection accuracy and high false positive rate. To overcome this issue, we propose a smart approach using a self-adaptive heuristic search algorithm called “Improved Self-Adaptive Genetic Algorithm” (ISAGA) to build automatically a Deep Neural Network (DNN) based Anomaly Network Intrusion Detection System (ANIDS). ISAGA is a variant of standard Genetic Algorithm (GA), which is developed based on GA improved through an Adaptive Mutation Algorithm (AMA) and optimization strategies. The optimization strategies carried out are Parallel Processing and Fitness Value Hashing that reduce execution time, convergence time and save processing power. Our approach consists of using ISAGA with the goal of searching the optimal or near optimal combination of most relevant values of the parameters included in construction of DNN based IDS or impacting its performance, like feature selection, data normalization, architecture of DNN, activation function, learning rate and Momentum term, which ensure high detection rate, high accuracy and low false alarm rate. CloudSim 4.0 simulator platform and CICIDS2017 dataset were used for simulation and validation of the proposed system. The implementation results obtained have demonstrated the ability of our ANIDS to detect intrusions with high detection accuracy and low false alarm rate, and have indicated its superiority in comparison with state-of-the-art methods.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Verizon, State of the Market: Enterprise Cloud. http://www.verizonenterprise.com/resources/reports/rp_state-of-the-marketenterprise-cloud-2016_en_xg.pdf. Accessed 17 Feb 2019

  2. Hogan, M., Sokol, A.: NIST cloud computing standards roadmap. Version 2. NIST Cloud Computing Standards Roadmap Working Group. NIST Special Publications 500-291, NIST, Gaithersburg, MD, pp. 1–113 (2013)

    Google Scholar 

  3. Kumar, P.R., Raj, P.H., Jelciana, P.: Exploring data security issues and solutions in cloud computing. Procedia Comput. Sci. 125, 691–697 (2018)

    Article  Google Scholar 

  4. Wang, W., Ren, L., Chen, L., Ding, Y.: Intrusion detection and security calculation in industrial cloud storage based on an improved dynamic immune algorithm. Inf. Sci. 501, 543–557 (2018)

    Article  Google Scholar 

  5. Idhammad, M., Afdel, K., Belouch, M.: Distributed intrusion detection system for cloud environments based on data mining techniques. Procedia Comput. Sci. 127(C), 35–41 (2018)

    Article  Google Scholar 

  6. Krizhevsky, A., Sutskever, I., Hinton, G.E.: ImageNet classification with deep convolutional neural networks. In: Advances in Neural Information Processing Systems, pp. 1097–1105. Curran Associates, Inc., Lake Tahoe (2012)

    Google Scholar 

  7. Jacobson, L., Kanbe, B.: Genetic Algorithms in Java Basics, pp. 143–144. Apress, New York (2015)

    Book  Google Scholar 

  8. Mehmood, Y., Shibli, M.A., Kanwal, A., Masood, R.: Distributed intrusion detection system using mobile agents in cloud computing environment. In: 2015 Conference on Information Assurance and Cyber Security (CIACS), pp. 1–8. IEEE (2015)

    Google Scholar 

  9. Mehibs, S.M., Hashim, S.H.: Proposed network intrusion detection system‎ in cloud environment based on back‎ propagation neural network. J. Univ. Babylon Pure Appl. Sci. 26(1), 29–40 (2018)

    Article  Google Scholar 

  10. Saljoughi, A.S., Mehrvarz, M., Mirvaziri, H.: Attacks and intrusion detection in cloud computing using neural networks and particle swarm optimization algorithms. Emerg. Sci. J. 1(4), 179–191 (2018)

    Google Scholar 

  11. Hajimirzaei, B., Navimipour, N.J.: Intrusion detection for cloud computing using neural networks and artificial bee colony optimization algorithm. ICT Expr. 5, 56–59 (2018)

    Article  Google Scholar 

  12. Ghosh, P., Jha, S., Dutta, R., Phadikar, S.: Intrusion detection system based on BCS-GA in cloud environment. In: Shetty, N.R., Patnaik, L.M., Prasad, N.H., Nalini, N. (eds.) ERCICA 2016, pp. 393–403. Springer, Singapore (2018). https://doi.org/10.1007/978-981-10-4741-1_35

    Chapter  Google Scholar 

  13. Chiba, Z., Abghour, N., Moussaid, K., El Omri, A., Rida, M.: A novel architecture combined with optimal parameters for back propagation neural networks applied to anomaly network intrusion detection. Comput. Secur. 75, 36–58 (2018)

    Article  Google Scholar 

  14. Tama, B.A., Rhee, K.: Attack classification analysis of IoT network via deep learning approach. Res. Briefs Inf. Commun. Technol. Evol. (ReBICTE) 3, 1–9 (2017)

    Google Scholar 

  15. Ahmim, A., Maglaras, L., Ferrag, M.A., Derdour, M., Janicke, H.: A novel hierarchical intrusion detection system based on decision tree and rules-based models. arXiv preprint arXiv:1812.09059 (2018)

  16. Musbau, D.A, Alhassan, J.K.: Ensemble learning approach for the enhancement of performance of intrusion detection system. In: International Conference on Information and Communication Technology and its Applications (ICTA 2018), pp. 1–8. CEUR-WS, Minna (2018)

    Google Scholar 

  17. The NSL-KDD data set. http://nsl.cs.unb.ca/NSL-KDD. Accessed 17 Feb 2019

  18. Gharib, A., Sharafaldin, I., Lashkari, A.H., Ghorbani, A.A.: An evaluation framework for intrusion detection dataset. In: 2016 International Conference on Information Science and Security (ICISS), pp. 1–6. IEEE, Pattaya (2016)

    Google Scholar 

  19. Sharma, P., Sengupta, J., Suri, P.K.: WLI-FCM and artificial neural network based cloud intrusion detection system. Int. J. Adv. Network. Appl. 10(1), 3698–3703 (2018)

    Google Scholar 

  20. Aslahi-Shahri, B.M., et al.: A hybrid method consisting of GA and SVM for intrusion detection system. Neural Comput. Appl. 27(6), 1669–1676 (2016)

    Article  Google Scholar 

  21. Hamamoto, A.H., Carvalho, L.F., Sampaio, L.D.H., Abrão, T., Proença Jr., M.L.: Network anomaly detection system using genetic algorithm and fuzzy logic. Expert Syst. Appl. 92, 390–402 (2018)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LIMSAD Labs, Faculty of Sciences Ain Chock, Hassan II University of Casablanca, 20100, Casablanca, Morocco

    Zouhair Chiba, Noreddine Abghour, Khalid Moussaid, Amina El Omri & Mohamed Rida

Authors
  1. Zouhair Chiba
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Noreddine Abghour
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Khalid Moussaid
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Amina El Omri
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mohamed Rida
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zouhair Chiba .

Editor information

Editors and Affiliations

  1. Uppsala University, Uppsala, Uppsala Län, Sweden

    Mohamed Faouzi Atig

  2. Augusta University, Augusta, GA, USA

    Alexander A. Schwarzmann

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Chiba, Z., Abghour, N., Moussaid, K., El Omri, A., Rida, M. (2019). An Efficient Network IDS for Cloud Environments Based on a Combination of Deep Learning and an Optimized Self-adaptive Heuristic Search Algorithm. In: Atig, M., Schwarzmann, A. (eds) Networked Systems. NETYS 2019. Lecture Notes in Computer Science(), vol 11704. Springer, Cham. https://doi.org/10.1007/978-3-030-31277-0_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-31277-0_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-31276-3

  • Online ISBN: 978-3-030-31277-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation