TY - JOUR
T1 - Novel collaborative intrusion detection for enhancing cloud security
AU - Elbakri, Widad
AU - Siraj, Maheyzah Md
AU - Al-rimy, Bander Ali Saleh
AU - Almalki, Sultan Ahmed
AU - Alghamdi, Tami
AU - Alkhorem, Azan Hamad
AU - Sheldon, Frederick T.
N1 - Publisher Copyright:
© (2024), (Science and Information Organization). All Rights Reserved.
PY - 2024/12/1
Y1 - 2024/12/1
N2 - Intrusion Detection Models (IDM) often suffer from poor accuracy, especially when facing coordinated attacks such as Distributed Denial of Service (DDoS). One significant limitation of existing IDM solutions is the lack of an effective technique to determine the optimal period for sharing attack information among nodes in a distributed IDM environment. This article proposes a novel collaborative IDM model that addresses this issue by leveraging the Pruned Exact Linear Time (PELT) change point detection algorithm. The PELT algorithm dynamically determines the appropriate intervals for disseminating attack information to nodes within the collaborative IDM framework. Additionally, to enhance detection accuracy, the proposed model integrates a Gradient Boosting Machine with a Support Vector Machine (GBM-SVM) for collaborative detection of malicious activities. The proposed model was implemented in Apache Spark using the NSL-KDD benchmark intrusion detection dataset. Experimental results demonstrate that this collaborative approach significantly improves detection accuracy and responsiveness to coordinated attacks, providing a robust solution for enhancing cloud security.
AB - Intrusion Detection Models (IDM) often suffer from poor accuracy, especially when facing coordinated attacks such as Distributed Denial of Service (DDoS). One significant limitation of existing IDM solutions is the lack of an effective technique to determine the optimal period for sharing attack information among nodes in a distributed IDM environment. This article proposes a novel collaborative IDM model that addresses this issue by leveraging the Pruned Exact Linear Time (PELT) change point detection algorithm. The PELT algorithm dynamically determines the appropriate intervals for disseminating attack information to nodes within the collaborative IDM framework. Additionally, to enhance detection accuracy, the proposed model integrates a Gradient Boosting Machine with a Support Vector Machine (GBM-SVM) for collaborative detection of malicious activities. The proposed model was implemented in Apache Spark using the NSL-KDD benchmark intrusion detection dataset. Experimental results demonstrate that this collaborative approach significantly improves detection accuracy and responsiveness to coordinated attacks, providing a robust solution for enhancing cloud security.
KW - anomaly detection
KW - Cloud security
KW - collaborative model
KW - DDoS
KW - feature selection
KW - gradient boosting machine
KW - intrusion detection
KW - NSL-KDD
KW - Pruned Exact Linear Time (PELT)
KW - support vector machine
UR - http://www.scopus.com/inward/record.url?scp=85213948944&partnerID=8YFLogxK
U2 - 10.14569/IJACSA.2024.0151294
DO - 10.14569/IJACSA.2024.0151294
M3 - Article
AN - SCOPUS:85213948944
SN - 2158-107X
VL - 15
SP - 942
EP - 953
JO - International Journal of Advanced Computer Science and Applications
JF - International Journal of Advanced Computer Science and Applications
IS - 12
ER -