Machine Learning for Intrusion Detection in Cloud-Based Systems
DOI:
https://doi.org/10.47941/ijce.2765
Keywords:
Intrusion Detection System (IDS), Machine Learning (ML), Cloud Security, Cybersecurity, Cloud Computing
Abstract
The proliferation of cloud computing has transformed data storage and processing but also introduced complex security challenges. Traditional Intrusion Detection Systems (IDS) often struggle in dynamic cloud environments due to scalability, adaptability, and the high rate of false positives. Machine Learning (ML) has emerged as a powerful tool to enhance IDS by enabling systems to learn from vast datasets, identify anomalous behavior, and adapt to evolving threats. This paper investigates the application of ML techniques such as supervised, unsupervised, and deep learning to intrusion detection in cloud-based systems. It reviews key methodologies, evaluates performance across widely used benchmark datasets (NSL-KDD, CICIDS2017), and highlights real-world implementations in commercial cloud platforms. The study also addresses critical challenges including data privacy, adversarial ML, real-time detection, and scalability. Through a comprehensive analysis, we identify promising research directions such as federated learning, explainable AI, and hybrid cloud-edge IDS architectures.
License
Copyright (c) 2022 Tirumala Ashish Kumar Manne

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution (CC-BY) 4.0 License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.