Intrusion Detection System(IDS)in the cloud Computing(CC)environment has received paramount interest over the last few years.Among the latest approaches,Deep Learning(DL)-based IDS methods allow the discovery of attac...Intrusion Detection System(IDS)in the cloud Computing(CC)environment has received paramount interest over the last few years.Among the latest approaches,Deep Learning(DL)-based IDS methods allow the discovery of attacks with the highest performance.In the CC environment,Distributed Denial of Service(DDoS)attacks are widespread.The cloud services will be rendered unavailable to legitimate end-users as a consequence of the overwhelming network traffic,resulting in financial losses.Although various researchers have proposed many detection techniques,there are possible obstacles in terms of detection performance due to the use of insignificant traffic features.Therefore,in this paper,a hybrid deep learning mode based on hybridizing Convolutional Neural Network(CNN)with Long-Short-Term Memory(LSTM)is used due to its robustness and efficiency in detecting normal and attack traffic.Besides,the ensemble feature selection,mutualization aggregation between Particle Swarm Optimizer(PSO),Grey Wolf Optimizer(PSO),Krill Hird(KH),andWhale Optimization Algorithm(WOA),is used to select the most important features that would influence the detection performance in detecting DDoS attack in CC.A benchmark dataset proposed by the Canadian Institute of Cybersecurity(CIC),called CICIDS 2017 is used to evaluate the proposed IDS.The results revealed that the proposed IDS outperforms the state-of-the-art IDSs,as it achieved 97.9%,98.3%,97.9%,98.1%,respectively.As a result,the proposed IDS achieves the requirements of getting high security,automatic,efficient,and self-decision detection of DDoS attacks.展开更多
Flash Crowd attacks are a form of Distributed Denial of Service(DDoS)attack that is becoming increasingly difficult to detect due to its ability to imitate normal user behavior in Cloud Computing(CC).Botnets are often...Flash Crowd attacks are a form of Distributed Denial of Service(DDoS)attack that is becoming increasingly difficult to detect due to its ability to imitate normal user behavior in Cloud Computing(CC).Botnets are often used by attackers to perform a wide range of DDoS attacks.With advancements in technology,bots are now able to simulate DDoS attacks as flash crowd events,making them difficult to detect.When it comes to application layer DDoS attacks,the Flash Crowd attack that occurs during a Flash Event is viewed as the most intricate issue.This is mainly because it can imitate typical user behavior,leading to a substantial influx of requests that can overwhelm the server by consuming either its network bandwidth or resources.Therefore,identifying these types of attacks on web servers has become crucial,particularly in the CC.In this article,an efficient intrusion detection method is proposed based on White Shark Optimizer and ensemble classifier(Convolutional Neural Network(CNN)and LighGBM).Experiments were conducted using a CICIDS 2017 dataset to evaluate the performance of the proposed method in real-life situations.The proposed IDS achieved superior results,with 95.84%accuracy,96.15%precision,95.54%recall,and 95.84%F1 measure.Flash crowd attacks are challenging to detect,but the proposed IDS has proven its effectiveness in identifying such attacks in CC and holds potential for future improvement.展开更多
基金The authors gratefully acknowledge the approval and the support of this research study by the Grant No.SCIA-2022-11-1545the Deanship of Scientific Research at Northern Border University,Arar,K.S.A.
文摘Intrusion Detection System(IDS)in the cloud Computing(CC)environment has received paramount interest over the last few years.Among the latest approaches,Deep Learning(DL)-based IDS methods allow the discovery of attacks with the highest performance.In the CC environment,Distributed Denial of Service(DDoS)attacks are widespread.The cloud services will be rendered unavailable to legitimate end-users as a consequence of the overwhelming network traffic,resulting in financial losses.Although various researchers have proposed many detection techniques,there are possible obstacles in terms of detection performance due to the use of insignificant traffic features.Therefore,in this paper,a hybrid deep learning mode based on hybridizing Convolutional Neural Network(CNN)with Long-Short-Term Memory(LSTM)is used due to its robustness and efficiency in detecting normal and attack traffic.Besides,the ensemble feature selection,mutualization aggregation between Particle Swarm Optimizer(PSO),Grey Wolf Optimizer(PSO),Krill Hird(KH),andWhale Optimization Algorithm(WOA),is used to select the most important features that would influence the detection performance in detecting DDoS attack in CC.A benchmark dataset proposed by the Canadian Institute of Cybersecurity(CIC),called CICIDS 2017 is used to evaluate the proposed IDS.The results revealed that the proposed IDS outperforms the state-of-the-art IDSs,as it achieved 97.9%,98.3%,97.9%,98.1%,respectively.As a result,the proposed IDS achieves the requirements of getting high security,automatic,efficient,and self-decision detection of DDoS attacks.
基金The authors gratefully acknowledge the approval and the support of this research study by grant no.SCIA-2022-11-1551 from the Deanship of Scientific Research at Northern Border University,Arar,K.S.A.
文摘Flash Crowd attacks are a form of Distributed Denial of Service(DDoS)attack that is becoming increasingly difficult to detect due to its ability to imitate normal user behavior in Cloud Computing(CC).Botnets are often used by attackers to perform a wide range of DDoS attacks.With advancements in technology,bots are now able to simulate DDoS attacks as flash crowd events,making them difficult to detect.When it comes to application layer DDoS attacks,the Flash Crowd attack that occurs during a Flash Event is viewed as the most intricate issue.This is mainly because it can imitate typical user behavior,leading to a substantial influx of requests that can overwhelm the server by consuming either its network bandwidth or resources.Therefore,identifying these types of attacks on web servers has become crucial,particularly in the CC.In this article,an efficient intrusion detection method is proposed based on White Shark Optimizer and ensemble classifier(Convolutional Neural Network(CNN)and LighGBM).Experiments were conducted using a CICIDS 2017 dataset to evaluate the performance of the proposed method in real-life situations.The proposed IDS achieved superior results,with 95.84%accuracy,96.15%precision,95.54%recall,and 95.84%F1 measure.Flash crowd attacks are challenging to detect,but the proposed IDS has proven its effectiveness in identifying such attacks in CC and holds potential for future improvement.
