Abstract
An Intrusion Detection System (IDS) detects suspicious activities and sends alerts when they are found. Based on these alerts, the issue is investigated, and appropriate actions are taken to remediate the threat. The traffic in a network is examined by a network-based intrusion detection system using various traffic tools that collect and analyse traffic data utilizing detection algorithms. Virtualization is used to construct the cloud infrastructure, which renders the virtual network flow between the virtual machines and it is mostly unidentifiable by typical intrusion detection systems. Previous studies proposed a software-defined network technology to reroute network traffic to a Snort IDS for detection of malicious attacks. However, this is incapable of detecting unknown attacks and adapting to large-scale traffic. Deep learning algorithms are used automatically to extract essential features from raw network data, which can then be fed into a shallow classifier for effective malicious attack detection. The main objective of the proposed system is to utilize a combination of a sparse autoencoder and stacked contractive autoencoder (S-SCAE) along with a Bi-DLDA (Bi-directional LSTM followed by a dense layer, a dropout layer, and a layer with attention mechanism) for detecting intrusions in a cloud environment. Moreover, a cloud intrusion detection system that designed to collect the data traffic from the NSL-KDD dataset and applies the S-SCAE + Bi-DLDA algorithm to determine if the received packet is malicious or non-malicious. To assess the proposed system's detection performance, a variety of measures were used such as precision, recall rate, and accuracy. The proposed model achieves precision, recall rate, and accuracy of 99%, 98%, and over 98% respectively, according to simulation findings.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Al Qatf, M., Lasheng, Y., Al Habib, M., Al Sabahi. K.: Deep learning approach combining sparse autoencoder with SVM for network intrusion detection. IEEE Access 6, 52843–52856 (2018)
Aneetha, A.S., Bose, S.: The combined approach for anomaly detection using neural networks and clustering techniques. Comput. Sci. Eng. Int. J. 2(4), 37–46 (2012)
Khraisat, A., Gondal, I., Vamplew, P., Kamruzzaman, J.: Survey of intrusion detection systems: techniques, datasets and challenges. Cybersecurity 2(1), 1–22 (2019). https://doi.org/10.1186/s42400-019-0038-7
Dhanapal, A., Nithyanandam, P.: The slow HTTP distributed denial of service attack detection in cloud. Scalable Comput. Pract. Exper. 20(2), 285–297 (2019)
Le, T., Kim, J., Kim, H.: An effective intrusion detection classifier using long short-term memory with gradient descent optimization. In: 2017 International Conference on Platform Technology and Service (PlatCon), pp. 1–6 (2017)
Wang, W., Du, X., Wang, N.: Building a cloud IDS using an efficient feature selection method and SVM. IEEE Access 7, 1345–1354 (2019)
McDermott, C.D., Majdani, F., Petrovski, A.V.: Botnet detection in the internet of things using deep learning approaches. In: International Joint Conference on Neural Networks (IJCNN), pp. 1–8 (2018)
Prwez, T., Chatterjee, K.: A framework for network intrusion detection in cloud. In: IEEE 6th International Conference on Advanced Computing (2016)
Osanaiye, O.A.: Short paper: IP spoofing detection for preventing DDoS attack in Cloud computing. In: 2015 18th International Conference on Intelligence in Next Generation Networks, pp. 139–141 (2015)
Qureshi, A.S., Khan, A.K., Shamim, N., Durad, M.H.: Intrusion detection using deep sparse auto-encoder and self-taught learning. Neural Comput. Appl. 32, 3135– 3147 (2020)
Shukla, R.M., Sengupta, S.: Scalable and robust outlier detector using hierarchical clustering and long short-term memory (LSTM) neural network for the Internet of Things. Internet Things 9, 1–18 (2020)
Su, T., Zhu, J., Wang, S., Li, Y.: BAT: deep learning methods on network intrusion detection using NSL-KDD Dataset. IEEE Access 8, 29575–29585 (2020)
Badotra, S., Panda, S.N.: SNORT based early DDoS detection system using Opendaylight and open networking operating system in software defined networking. Clust. Comput. 24(1), 501–513 (2020). https://doi.org/10.1007/s10586-020-03133-y
Roy, B., Cheung, H.: A deep learning approach for intrusion detection in internet of things using bi-directional long short-term memory recurrent neural network. In: 2018 28th International Telecommunication Networks and Applications Conference (ITNAC), pp. 1–6 (2018)
Velliangiri, S., Karthikeyan, P., Vinoth Kumar, V.: Detection of distributed denial of service attack in cloud computing using the optimization-based deep networks. J. Exp. Theor. Artif. Intell. 33, 405–424 (2020)
Xu, M., Li, X., Ma, J.F., Zhong, C., Yang, W.: Detection of multi-stage attacks based on multi-layer long and short-term memory network. In: ICC 2019–2019 IEEE International Conference on Communications (ICC), pp. 1–4 (2019)
Yan, Y., Qi, L., Wang, J., Lin, Y., Chen. L.: A network intrusion detection method based on stacked autoencoder and LSTM. In: ICC 2020 - 2020 IEEE International Conference on Communications (ICC), pp. 1–6 (2020)
Wang, W., Du, X., Shan, D., Qin, R.: Cloud intrusion detection method based on stacked contractive auto-encoder and support vector machine. IEEE Trans. Cloud Comput. 1–14 (2020)
Varghese, L.A., Bose, S.: Efficient data storage model to overcome the storage problems in industries. Dyn. Syst. Appl. 30(6), 994–1002 (2021)
Krishnaveni, S., Sivamohan, S., Sridhar, S.S, Prabakaran, S.: Efficient feature selection and classification through ensemble method for network intrusion detection on cloud computting. Cluster Comput. 24(3), 1–19 (2021)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 IFIP International Federation for Information Processing
About this paper
Cite this paper
Sharon, A., Mohanraj, P., Abraham, T.E., Sundan, B., Thangasamy, A. (2022). An Intelligent Intrusion Detection System Using Hybrid Deep Learning Approaches in Cloud Environment. In: Neuhold, E.J., Fernando, X., Lu, J., Piramuthu, S., Chandrabose, A. (eds) Computer, Communication, and Signal Processing. ICCCSP 2022. IFIP Advances in Information and Communication Technology, vol 651. Springer, Cham. https://doi.org/10.1007/978-3-031-11633-9_20
Download citation
DOI: https://doi.org/10.1007/978-3-031-11633-9_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-11632-2
Online ISBN: 978-3-031-11633-9
eBook Packages: Computer ScienceComputer Science (R0)