Abstract
Cloud computing offers elastic and ubiquitous computing services, thereby receiving extensive attention recently. However, cloud servers have also become the targets of malicious attacks or hackers due to the centralization of data storage and computing facilities. Most intrusion attacks to cloud servers are often originated from inner or external networks. Intrusion detection is a prerequisite to designing anti-intrusion countermeasures of cloud systems. In this paper, we explore deep learning algorithms to design intrusion detection methods. In particular, we present a deep learning-based method with the integration of conventional neural networks, self-attention mechanism, and Long short-term memory (LSTM), namely CNN-A-LSTM to detect intrusion. CNN-A-LSTM leverages the merits of CNN in processing local correlation data and extracting features, the time feature extracting capability of LSTM, and the self-attention mechanism to better exact features. We conduct extensive experiments on the KDDcup99 dataset to evaluate the performance of our CNN-A-LSTM model. Compared with other machine learning and deep learning models, our CNN-A-LSTM has superior performance.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alfaro, J.G., Boulahia-Cuppens, N., Cuppens, F.: Complete analysis of configuration rules to guarantee reliable network security policies. Int. J. Inf. Secur. 7(2), 103–122 (2008)
Behl, A.: Emerging security challenges in cloud computing: an insight to cloud security challenges and their mitigation. In: 2011 World Congress on Information and Communication Technologies, pp. 217–222. IEEE (2011)
Chawla, A., Lee, B., Fallon, S., Jacob, P.: Host based intrusion detection system with combined CNN/RNN model. In: Alzate, C., et al. (eds.) ECML PKDD 2018. LNCS (LNAI), vol. 11329, pp. 149–158. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-13453-2_12
Géron, A.: Hands-On Machine Learning with Scikit-Learn, Keras, and TensorFlow: Concepts, Tools, and Techniques to Build Intelligent Systems. O’Reilly Media (2019)
Ghaffari, F., Gharaee, H., Arabsorkhi, A.: Cloud security issues based on people, process and technology model: a survey. In: 2019 5th International Conference on Web Research (ICWR), pp. 196–202. IEEE (2019)
Hochreiter, S., Schmidhuber, J.: Long short-term memory. Neural Comput. 9(8), 1735–1780 (1997)
Khalil, I.M., Khreishah, A., Azeem, M.: Cloud computing security: a survey. Computers 3(1), 1–35 (2014)
Kim, G., Yi, H., Lee, J., Paek, Y., Yoon, S.: LSTM-based system-call language modeling and robust ensemble method for designing host-based intrusion detection systems. arXiv preprint arXiv:1611.01726 (2016)
Kim, J., Kim, J., Thu, H.L.T., Kim, H.: Long short term memory recurrent neural network classifier for intrusion detection. In: 2016 International Conference on Platform Technology and Service (PlatCon), pp. 1–5. IEEE (2016)
Kimani, K., Oduol, V., Langat, K.: Cyber security challenges for IOT-based smart grid networks. Int. J. Crit. Infrastruct. Prot. 25, 36–49 (2019)
Kumar, V., Sangwan, O.P.: Signature based intrusion detection system using snort. Int. J. Comput. Appl. Technol. Inf. Technol. 1(3), 35–41 (2012)
Modi, C.N., Patel, D.R., Patel, A., Rajarajan, M.: Integrating signature apriori based network intrusion detection system (NIDS) in cloud computing. Procedia Technol. 6, 905–912 (2012)
Nadeem, M., Marshall, O., Singh, S., Fang, X., Yuan, X.: Semi-supervised deep neural network for network intrusion detection (2016)
Peng, K., Leung, V., Zheng, L., Wang, S., Huang, C., Lin, T.: Intrusion detection system based on decision tree over big data in fog environment. Wireless Commun. Mobile Comput. 2018, Article ID 4680867, 10 (2018)
Rafique, W., Qi, L., Yaqoob, I., Imran, M., Rasool, R.U., Dou, W.: Complementing IoT services through software defined networking and edge computing: a comprehensive survey. IEEE Commun. Surv. Tutorials 22, 1761–1804 (2020)
Roschke, S., Cheng, F., Meinel, C.: Intrusion detection in the cloud. In: 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, pp. 729–734. IEEE (2009)
Roy, S.S., Mallik, A., Gulati, R., Obaidat, M.S., Krishna, P.V.: A deep learning based artificial neural network approach for intrusion detection. In: Giri, D., Mohapatra, R.N., Begehr, H., Obaidat, M.S. (eds.) ICMC 2017. CCIS, vol. 655, pp. 44–53. Springer, Singapore (2017). https://doi.org/10.1007/978-981-10-4642-1_5
Saenko, I., Kotenko, I.: Administrating role-based access control by genetic algorithms. In: Proceedings of the Genetic and Evolutionary Computation Conference Companion, pp. 1463–1470. Association for Computing Machinery (2017). https://doi.org/10.1145/3067695.3082509
Singh, A., Chatterjee, K.: Cloud security issues and challenges: a survey. J. Network Comput. Appl. 79, 88–115 (2017)
Singh, S., Jeong, Y.S., Park, J.H.: A survey on cloud computing security: issues, threats, and solutions. J. Network Comput. Appl. 75, 200–222 (2016)
Sood, A.K., Enbody, R.J.: Targeted cyberattacks: a superset of advanced persistent threats. IEEE Secur. Priv. 11(1), 54–61 (2012)
Staudemeyer, R.C.: Applying long short-term memory recurrent neural networks to intrusion detection. South Afr. Comput. J. 56(1), 136–154 (2015)
Sun, Y., Zhang, J., Xiong, Y., Zhu, G.: Data security and privacy in cloud computing. Int. J. Distrib. Sens. Netw 10(7), 190903 (2014)
Takabi, H., Joshi, J.B., Ahn, G.J.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. 8(6), 24–31 (2010)
Tavallaee, M., Bagheri, E., Lu, W., Ghorbani, A.A.: A detailed analysis of the KDD cup 99 data set. In: 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications, pp. 1–6. IEEE (2009)
Vinayakumar, R., Soman, K., Poornachandran, P.: Applying convolutional neural network for network intrusion detection. In: 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI), pp. 1222–1228. IEEE (2017)
Wang, W., Du, X., Shan, D., Qin, R., Wang, N.: Cloud intrusion detection method based on stacked contractive auto-encoder and support vector machine. IEEE Trans. Cloud Comput. 1–1 (2020). https://doi.org/10.1109/TCC.2020.3001017
Wang, W., et al.: HAST-IDS: learning hierarchical spatial-temporal features using deep neural networks to improve intrusion detection. IEEE Access 6, 1792–1806 (2017)
Xiao, Y., Xing, C., Zhang, T., Zhao, Z.: An intrusion detection model based on feature reduction and convolutional neural networks. IEEE Access 7, 42210–42219 (2019)
Yang, R., Qu, D., Gao, Y., Qian, Y., Tang, Y.: nLSALog: an anomaly detection framework for log sequence in security management. IEEE Access 7, 181152–181164 (2019). https://doi.org/10.1109/ACCESS.2019.2953981
Yin, C., Zhu, Y., Fei, J., He, X.: A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5, 21954–21961 (2017)
Zheng, W.F.: Intrusion detection based on convolutional neural network. In: 2020 International Conference on Computer Engineering and Application (ICCEA), pp. 273–277. IEEE (2020)
Acknowledgement
The work described in this paper was partially supported by Macao Science and Technology Development Fund under Grant No. 0026/2018/A1.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Lu, C., Dai, HN., Zhou, J., Wang, H. (2021). Exploring Self-attention Mechanism of Deep Learning in Cloud Intrusion Detection. In: Qi, L., Khosravi, M.R., Xu, X., Zhang, Y., Menon, V.G. (eds) Cloud Computing. CloudComp 2020. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 363. Springer, Cham. https://doi.org/10.1007/978-3-030-69992-5_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-69992-5_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-69991-8
Online ISBN: 978-3-030-69992-5
eBook Packages: Computer ScienceComputer Science (R0)