Haifeng Lv,Xiaoyu Ji,Yong Ding

DOI: https://doi.org/10.1088/1742-6596/2517/1/012016

2023-01-01

Journal of Physics Conference Series

Abstract:The intrusion detection system (IDS) plays an important part because it offers an efficient way to prevent and mitigate cyber attacks. Numerous deep learning methods for intrusion anomaly detection have been developed as a result of recent advances in artificial intelligence (AI) in order to strengthen internet security. The balance among the high detection rate (DR), the low false alarm rate (FAR) and disaster of dimensionality is the crucial apprehension while devising an effective IDS. For the binary classification of intrusion detection systems, we present in this study a mixed model called K-means-XGBoost consisting of K-means and (Extreme Gradient Boosting, XGBoost) algorithms. The distributed computation of our method is achieved in Spark platform to rapidly separate normal events and anomaly events. In phrases of accuracy, DR, F1-score, recall, precision, and error indices FAR, the proposed model’s performance is measured via the well-known dataset of NSL-KDD. The experimental outcomes indicate that our method is outstandingly better among accuracy, DR, F1-score, training time, and processing speed, compared to other models which are recently created. In particular, the accuracy, F1-score, and DR of the proposed model can achieve as high as 93.28%, 94.39%, and 99.22% in the NSL-KDD dataset, respectively.

Xueluan Gong,Yanjiao Chen,Qian Wang,Meng Wang,Shuyang Li

DOI: https://doi.org/10.1109/MCOM.004.2100867

IF: 9.03

2022-01-01

IEEE Communications Magazine

Abstract:Machine learning models are established with a variety of data collected from individual users who are concerned about their privacy. Various cloud service providers (e.g., Amazon, Google, Alibaba) commercialize their models by selling them or providing limited access via APIs. However, existing studies have shown that such cloud-based models are susceptible to training data inference attacks (i.e., membership inference attacks, attribute inference attacks, and model inversion attacks) since the trained models remember information about the training data. In this article, we perform an exhaustive investigation on the current training data inference attacks against cloud-based models. According to the attack scenario, we divide the existing inference attacks into two categories: centralized and collaborative learning scenarios. We first give a comprehensive review of attacks in each category and then give a qualitative comparison of the existing attacks. Further, we quantitatively compare the performance of different attack strategies by experiments. Last but not least, we pinpoint some open issues and potential future directions that need to be investigated in this area.

Ishu Gupta,Rishabh Gupta,Ashutosh Kumar Singh,Rajkumar Buyya

DOI: https://doi.org/10.1109/jsyst.2020.3035666

IF: 4.802

2021-09-01

IEEE Systems Journal

Abstract:The organizational valuable data needs to be shared with multiple parties and stakeholders in a cloud environment for storage, analysis, and data utilization. However, to ensure the security, preserve privacy while sharing the data effectively among various parties have become formidable challenges. In this article, by utilizing encryption, machine learning, and probabilistic approaches, we propose a novel model that supports multiple participants to securely share their data for distinct purposes. The model defines the access policy and communication protocol among the involved multiple untrusted parties to process the owners' data. The proposed model minimizes the risk associated with the leakage by providing a robust mechanism for prevention coupled with detection. The experimental results demonstrate the efficiency of the proposed model for different classifiers over various datasets. The proposed model ensures high accuracy and precision up to 97% and 100% relatively and secures a significant improvement up to 0.01%, 103%, 151%, 87%, 96%, 43%, and 186% for average probability, average success rate, detection rate, accuracy, precision, recall, and specificity, respectively, compared to the prior works that prove its effectiveness.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

P. L. S. Jayalaxmi,Manali Chakraborty,Rahul Saha,Gulshan Kumar,Mauro Conti

DOI: https://doi.org/10.1007/s10586-024-04527-y

2024-05-24

Cluster Computing

Abstract:Malware remains a persistent threat to industrial operations, causing disruptions and financial losses. Traditional malware detection approaches struggle with the increasing complexity of false positives and negatives. However, existing Intrusion Detection Systems (IDSs) often lack the capability to assess the severity of detected malware, crucial for effective threat mitigation. This paper presents a novel model, MAlware DEtection and Severity Analysis for eNcrypted Traffic (MADESANT), designed to detect and analyze malware severity in encrypted traffic data. MADESANT combines Deep Learning (DL)-based intrusion detection with Machine Learning (ML)-based severity analysis, specifically customized for the minutiae of IoT systems and assets. Notably, MADESANT introduces a cascading model integrating a Cascading Forward Back Propagation Neural Network (CFBPNN) with the J48 tree to systematically assess risk factors in network traffic. Our assessment, conducted on diverse encrypted datasets including UNSW-NB15, IoT23, and XIIoTID, highlights the remarkable efficacy of MADESANT. Impressively, it achieves a flawless 0% false positive rate in detecting binary attack instances, surpassing benchmarks set by conventional models. Additionally, MADESANT excels in accurately estimate malware severity, providing invaluable insights into the factors contributing to the risk. To further validate its efficiency, we compared MADESANT against prevalent Neural Network models like FeedForward and Recurrent Neural Networks, with MADESANT emerging as the superior choice. The experimentation encompasses both the entire dataset and subsets generated through meticulous risk factor analysis. These results underscore MADESANT's prowess in not only identifying malware but also in evaluating its potential impact, signifying a significant leap forward in industrial cybersecurity.

computer science, information systems, theory & methods

D. Praveena,P. Rangarajan

DOI: https://doi.org/10.1007/s11042-018-6339-0

IF: 2.577

2018-07-04

Multimedia Tools and Applications

Abstract:Cloud computing facilitates the enormous support of the public, business and emerging applications such as healthcare and nature disasters. Based on their services and characteristics, it can be classified as private cloud and public cloud. In this scenario, we need these two kinds of cloud services for an organization to provide the better service to the society. For that purpose, introduced a new cloud service called hybrid cloud service which is the combination of both private and public cloud. Security to the cloud environment is a challenging issue today especially for the hybrid cloud due to the combination of both. Many security mechanisms available in the literature but these are not achieved the sufficient level of security. For this purpose, we propose a new machine learning application for providing security to the hybrid cloud networks while storing the data and retrieving or accessing the data from the cloud. This proposed algorithm combines an existing Enhanced C4.5, newly proposed deduplication processing algorithm and the newly proposed dynamic access control mechanism. Moreover, we introduce a new deduplication processing algorithm for secure storage and retrieval without duplication or redundancy. In addition, a newly proposed dynamic access control mechanism called Dynamic Spatial Role Based Access Control Algorithm is also used in the proposed security framework. The proposed security framework has been implemented and also evaluated that the security level of the hybrid cloud while storing, retrieving and accessing the data from the cloud database.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Deepika Saxena,Ishu Gupta,Rishabh Gupta,Ashutosh Kumar Singh,Xiaoqing Wen

DOI: https://doi.org/10.1109/TSMC.2023.3288081

2023-08-18

Abstract:Cloud virtualization technology, ingrained with physical resource sharing, prompts cybersecurity threats on users' virtual machines (VM)s due to the presence of inevitable vulnerabilities on the offsite servers. Contrary to the existing works which concentrated on reducing resource sharing and encryption and decryption of data before transfer for improving cybersecurity which raises computational cost overhead, the proposed model operates diversely for efficiently serving the same purpose. This paper proposes a novel Multiple Risks Analysis based VM Threat Prediction Model (MR-TPM) to secure computational data and minimize adversary breaches by proactively estimating the VMs threats. It considers multiple cybersecurity risk factors associated with the configuration and management of VMs, along with analysis of users' behaviour. All these threat factors are quantified for the generation of respective risk score values and fed as input into a machine learning based classifier to estimate the probability of threat for each VM. The performance of MR-TPM is evaluated using benchmark Google Cluster and OpenNebula VM threat traces. The experimental results demonstrate that the proposed model efficiently computes the cybersecurity risks and learns the VM threat patterns from historical and live data samples. The deployment of MR-TPM with existing VM allocation policies reduces cybersecurity threats up to 88.9%.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Mansaf Alam,Shuchi Sethi

DOI: https://doi.org/10.48550/arXiv.1504.03539

2015-04-14

Distributed, Parallel, and Cluster Computing

Abstract:Recent research shows that colluded malware in different VMs sharing a single physical host may use a resource as a channel to leak critical information. Covert channels employ time or storage characteristics to transmit confidential information to attackers leaving no trail.These channels were not meant for communication and hence control mechanisms do not exist. This means these remain undetected by traditional security measures employed in firewalls etc in a network. The comprehensive survey to address the issue highlights that accurate methods for fast detection in cloud are very expensive in terms of storage and processing. The proposed framework builds signature by extracting features which accurately classify the regular from covert traffic in cloud and estimates difference in distribution of data under analysis by means of scores. It then adds context to the signature and finally using machine learning (Support Vector Machines),a model is built and trained for deploying in cloud. The results show that the framework proposed is high in accuracy while being low cost and robust as it is tested after adding noise which is likely to exist in public cloud environments.

S. Arvind,Pradeep Balasubramani,D. Hemanand,C. Ashokkumar,Praseeda Ravuri,M.N. Sharath,Kireet Muppavaram,K. Satyanarayana,P.B. Bobba,A. Perveen,S. Debnath

DOI: https://doi.org/10.1051/matecconf/202439201143

2024-03-18

MATEC Web of Conferences

Abstract:Many firms are outsourcing their information and computational needs because of the fast advancement of modern computing technology. Cloud-based computing systems must provide safeguards, including privacy, accessibility, and integrity, making a highly reliable platform crucial. Monitoring malware behavior throughout the whole characteristic spectrum significantly enhances security tactics compared to old methods. This research offers a novel method to improve the capacity of Cloud service suppliers to analyze users' behaviors. This research used a Particle Swarm Optimization-based Deep Learning Model the identification and optimization procedure. During recognition procedure, the system transformed users' behaviors into an understandable format and identified dangerous behaviors using multi-layer neural networks. The analysis of the experimental data indicates that the suggested approach is favorable for use in security surveillance and identification of hostile activities.

Ashutosh Kumar Singh,Rishabh Gupta

DOI: https://doi.org/10.1007/s11042-021-11751-w

IF: 2.577

2022-04-18

Multimedia Tools and Applications

Abstract:A large amount of data and applications need to be shared with various parties and stakeholders in the cloud environment for storage, computation, and data utilization. Since a third party operates the cloud platform, owners cannot fully trust this environment. However, it has become a challenge to ensure privacy preservation when sharing data effectively among different parties. This paper proposes a novel model that partitions data into sensitive and non-sensitive parts, injects the noise into sensitive data, and performs classification tasks using k-anonymization, differential privacy, and machine learning approaches. It allows multiple owners to share their data in the cloud environment for various purposes. The model specifies communication protocol among involved multiple untrusted parties to process owners’ data. The proposed model preserves actual data by providing a robust mechanism. The experiments are performed over Heart Disease, Arrhythmia, Hepatitis, Indian-liver-patient, and Framingham datasets for Support Vector Machine, K-Nearest Neighbor, Random Forest, Naive Bayes, and Artificial Neural Network classifiers to compute the efficiency in terms of accuracy, precision, recall, and F1-score of the proposed model. The achieved results provide high accuracy, precision, recall, and F1-score up to 93.75%, 94.11%, 100%, and 87.99% and improvement up to 16%, 29%, 12%, and 11%, respectively, compared to previous works.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Sanaboyina Madhusudhana Rao,Arpit Jain,PVSS Gangadhar,Vinay Sowpati

DOI: https://doi.org/10.17762/ijritcc.v11i9.8334

2023-10-27

International Journal on Recent and Innovation Trends in Computing and Communication

Abstract:Malware detection for cloud systems has been studied extensively, and many different approaches have been developed and implemented in an effort to stay ahead of this ever-evolving threat. Malware refers to any programme or defect that is designed to duplicate itself or cause damage to the system's hardware or software. These attacks are designed specifically to cause harm to operational systems, but they are invisible to the human eye. One of the most exciting developments in data storage and service delivery today is cloud computing. There are significant benefits to be gained over more conventional protection methods by making use of this fast evolving technology to protect computer-based systems from cyber-related threats. Assets to be secured may reside in any networked computing environment, including but not limited to Cyber Physical Systems (CPS), critical systems, fixed and portable computers, mobile devices, and the Internet of Things (IoT). Malicious software or malware refers to any programme that intentionally compromises a computer system in order to compromise its security, privacy, or availability. A cloud-based intelligent behavior analysis model for malware detection system using feature set is proposed to identify the ever-increasing malware attacks. The suggested system begins by collecting malware samples from several virtual machines, from which unique characteristics can be extracted easily. Then, the malicious and safe samples are separated using the features provided to the learning-based and rule-based detection agents. To generate a relevant feature set for accurate malware detection, this research proposes an Intellectual Feature Ranking Model with Correlated Feature Set (IFR-CFS) model using enhanced logistic regression model for accurate detection of malware in the cloud environment. The proposed model when compared to the traditional feature selection model, performs better in generation of feature set for accurate detection of malware.

Ramanan M.

DOI: https://doi.org/10.1080/03772063.2024.2355665

IF: 1.8768

2024-06-20

IETE Journal of Research

Abstract:With the increasing importance of network security in cloud environments, effective intrusion detection systems (IDS) are crucial for safeguarding data transmission and protecting against cyber attacks. This research proposes a novel IDS model named Mutation Enhanced Moth-Flame Optimization based Kernel Extreme Learning Machine (MEMFO-KELM) algorithm. The objective is to address the challenges associated with cloud environments and enhance the accuracy of intrusion detection in real-time scenarios. The MEMFO-KELM algorithm incorporates advanced techniques to improve classification performance and ensure accurate detection. The deep learning model architecture includes convolutional layers for capturing complex patterns, recurrent layers for modelling temporal dependencies, and fully connected layers for feature extraction. L1 regularization (Lasso) is applied to the fully connected layers to enhance interpretability and reduce model complexity. Here, four datasets are represented to validate the performance with different attacks and normal classes are implemented: MQTT-IoT-IDS2020, CSE-CIC-IDS2018, NSL-KDD, and Apache Web Server. The proposed IDS model achieves remarkable performance, with an accuracy of 98.4%, a false alarm rate of 0.056, a detection rate of 98%, and a computational time of 120 s. These results highlight the effectiveness of the MEMFO-KELM algorithm in accurately detecting intrusions. Comparative analysis reveals that the proposed real-time IDS model demonstrates its superiority compared to other methods. By addressing the challenges of cloud environments and incorporating advanced techniques, the MEMFO-KELM IDS model contributes to enhanced network security, mitigates the risks associated with cyber attacks, and ensures the integrity of globally distributed resources.

telecommunications,engineering, electrical & electronic

Chi-Min Chan,Jianxuan Yu,Weize Chen,Chunyang Jiang,Xinyu Liu,Weijie Shi,Zhiyuan Liu,Wei Xue,Yike Guo

2024-08-27

Abstract:The rapid advancement of large language models (LLMs) has led to the rise of LLM-based agents. Recent research shows that multi-agent systems (MAS), where each agent plays a specific role, can outperform individual LLMs. However, configuring an MAS for a task remains challenging, with performance only observable post-execution. Inspired by scaling laws in LLM development, we investigate whether MAS performance can be predicted beforehand. We introduce AgentMonitor, a framework that integrates at the agent level to capture inputs and outputs, transforming them into statistics for training a regression model to predict task performance. Additionally, it can further apply real-time corrections to address security risks posed by malicious agents, mitigating negative impacts and enhancing MAS security. Experiments demonstrate that an XGBoost model achieves a Spearman correlation of 0.89 in-domain and 0.58 in more challenging scenarios. Furthermore, using AgentMonitor reduces harmful content by 6.2% and increases helpful content by 1.8% on average, enhancing safety and reliability. Code is available at \url{<a class="link-external link-https" href="https://github.com/chanchimin/AgentMonitor" rel="external noopener nofollow">this https URL</a>}.

Computation and Language

Rishabh Gupta,Ashutosh Kumar Singh

DOI: https://doi.org/10.1007/s00354-022-00185-z

2022-07-11

New Generation Computing

Abstract:The massive upsurge in computational and storage has driven the local data and machine learning applications to the cloud environment. The owners may not fully trust the cloud environment as it is managed by third parties. However, maintaining privacy while sharing data and the classifier with several stakeholders is a critical challenge. This paper proposes a novel model based on differential privacy and machine learning approaches that enable multiple owners to share their data for utilization and the classifier to render classification services for users in the cloud environment. To process owners' data and classifier, the model specifies a communication protocol among various untrustworthy parties. The proposed model also provides a robust mechanism to preserve the privacy of data and the classifier. The experiments are conducted for a Naive Bayes classifier over numerous data sets to compute the proposed model's efficiency. The achieved results demonstrate that the proposed model has high accuracy, precision, recall, and F1-score up to 94%, 95%, 94%, and 94%, and improvement up to 16.95%, 20.16%, 16.95%, and 23.33%, respectively, compared with state-of-the-art works.

computer science, theory & methods, hardware & architecture

P. Griffiths

DOI: https://doi.org/10.1136/EBN.7.4.116

2004-09-24

Evidence-Based Nursing

Abstract:Naylor MD, Brooten DA, Campbell RL, et al . Transitional care of older adults hospitalized with heart failure: a randomized, controlled trial. J Am Geriatr Soc 2004;52:675–84. [OpenUrl][1][CrossRef][2][PubMed][3][Web of Science][4] 
 Q In elderly patients admitted to hospital with heart failure (HF), does a 3 month, comprehensive, transitional care intervention reduce readmissions and improve quality of life and functioning? ### ![Graphic][5] Design: randomised controlled trial. ### ![Graphic][6] Allocation: {concealed}.* ### ![Graphic][7] Blinding: blinded {data collectors}.* ### ![Graphic][8] Follow up period: 1 year after index hospital admission. ### ![Graphic][9] Setting: 6 academic and community hospitals in Philadelphia, Pennsylvania, USA. ### ![Graphic][10] Patients: 239 English speaking patients ⩾65 years of age (mean age 76 y, 57% women) who were admitted to hospital from home with HF, alert and oriented, reachable by telephone, and residing ⩽60 miles from the admitting hospital. Exclusion criterion was end stage renal disease. ### ![Graphic][11] Intervention: advanced practice nurse (APN) transitional care (TC) (n = 118) or usual care (n = 121). APN TC comprised (1) APN training by a multidisciplinary team; (2) Quality-Cost Model of APN Transitional Care management strategies (identification of patient and caregiver goals, individualised care plans, educational and behavioural strategies, coordination and continuity of … [1]: {openurl}?query=rft.jtitle%253DJournal%2Bof%2Bthe%2BAmerican%2BGeriatrics%2BSociety%26rft.stitle%253DJ%2BAm%2BGeriatr%2BSoc%26rft.aulast%253DNaylor%26rft.auinit1%253DM.%2BD.%26rft.volume%253D52%26rft.issue%253D5%26rft.spage%253D675%26rft.epage%253D684%26rft.atitle%253DTransitional%2Bcare%2Bof%2Bolder%2Badults%2Bhospitalized%2Bwith%2Bheart%2Bfailure%253A%2Ba%2Brandomized%252C%2Bcontrolled%2Btrial.%26rft_id%253Dinfo%253Adoi%252F10.1111%252Fj.1532-5415.2004.52202.x%26rft_id%253Dinfo%253Apmid%252F15086645%26rft.genre%253Darticle%26rft_val_fmt%253Dinfo%253Aofi%252Ffmt%253Akev%253Amtx%253Ajournal%26ctx_ver%253DZ39.88-2004%26url_ver%253DZ39.88-2004%26url_ctx_fmt%253Dinfo%253Aofi%252Ffmt%253Akev%253Amtx%253Actx [2]: /lookup/external-ref?access_num=10.1111/j.1532-5415.2004.52202.x&link_type=DOI [3]: /lookup/external-ref?access_num=15086645&link_type=MED&atom=%2Febnurs%2F7%2F4%2F116.atom [4]: /lookup/external-ref?access_num=000220855300003&link_type=ISI [5]: /embed/inline-graphic-1.gif [6]: /embed/inline-graphic-2.gif [7]: /embed/inline-graphic-3.gif [8]: /embed/inline-graphic-4.gif [9]: /embed/inline-graphic-5.gif [10]: /embed/inline-graphic-6.gif [11]: /embed/inline-graphic-7.gif

Mohd. Rehan Ghazi,N. S. Raghava

DOI: https://doi.org/10.3934/era.2024060

2024-01-01

Electronic Research Archive

Abstract:With the use of cloud computing, which provides the infrastructure necessary for the efficient delivery of smart city services to every citizen over the internet, intelligent systems may be readily integrated into smart cities and communicate with one another. Any smart system at home, in a car, or in the workplace can be remotely controlled and directed by the individual at any time. Continuous cloud service availability is becoming a critical subscriber requirement within smart cities. However, these cost-cutting measures and service improvements will make smart city cloud networks more vulnerable and at risk. The primary function of Intrusion Detection Systems (IDS) has gotten increasingly challenging due to the enormous proliferation of data created in cloud networks of smart cities. To alleviate these concerns, we provide a framework for automatic, reliable, and uninterrupted cloud availability of services for the network data security of intelligent connected devices. This framework enables IDS to defend against security threats and to provide services that meet the users' Quality of Service (QoS) expectations. This study's intrusion detection solution for cloud network data from smart cities employed Spark and Waikato Environment for Knowledge Analysis (WEKA). WEKA and Spark are linked and made scalable and distributed. The Hadoop Distributed File System (HDFS) storage advantages are combined with WEKA's Knowledge flow for processing cloud network data for smart cities. Utilizing HDFS components, WEKA's machine learning algorithms receive cloud network data from smart cities. This research utilizes the wrapper-based Feature Selection (FS) approach for IDS, employing both the Pigeon Inspired Optimizer (PIO) and the Particle Swarm Optimization (PSO). For classifying the cloud network traffic of smart cities, the tree-based Stacking Ensemble Method (SEM) of J48, Random Forest (RF), and eXtreme Gradient Boosting (XGBoost) are applied. Performance evaluations of our system were conducted using the UNSW-NB15 and NSL-KDD datasets. Our technique is superior to previous works in terms of sensitivity, specificity, precision, false positive rate (FPR), accuracy, F1 Score, and Matthews correlation coefficient (MCC).

mathematics

Rahul Kumar,Nisha Prajapati,R. R. Rout,Kamalakanta Sethi,Padmalochan Bera

DOI: https://doi.org/10.1109/ICCCNT49239.2020.9225627

2020-07-01

Abstract:Enforcing security and resilience in a cloud platform is an essential but challenging problem due to the presence of a large number of heterogeneous applications running on shared resources. A security analysis system that can detect threats or malware must exist inside the cloud infrastructure. Much research has been done on machine learning-driven malware analysis, but it is limited in computational complexity and detection accuracy. To overcome these drawbacks, we proposed a new malware detection system based on the concept of clustering and trend micro locality sensitive hashing (TLSH). We used Cuckoo sandbox, which provides dynamic analysis reports of files by executing them in an isolated environment. We used a novel feature extraction algorithm to extract essential features from the malware reports obtained from the Cuckoo sandbox. Further, the most important features are selected using principal component analysis (PCA), random forest, and Chi-square feature selection methods. Subsequently, the experimental results are obtained for clustering and non-clustering approaches on three classifiers, including Decision Tree, Random Forest, and Logistic Regression. The model performance shows better classification accuracy and false positive rate (FPR) as compared to the state-of-the-art works and non-clustering approach at significantly lesser computation cost.

Computer Science

Deval Bhamare,Tara Salman,Mohammed Samaka,Aiman Erbad,Raj Jain

DOI: https://doi.org/10.1109/ICISSEC.2016.7885853

2018-10-23

Abstract:Cloud computing is gaining significant attention, however, security is the biggest hurdle in its wide acceptance. Users of cloud services are under constant fear of data loss, security threats and availability issues. Recently, learning-based methods for security applications are gaining popularity in the literature with the advents in machine learning techniques. However, the major challenge in these methods is obtaining real-time and unbiased datasets. Many datasets are internal and cannot be shared due to privacy issues or may lack certain statistical characteristics. As a result of this, researchers prefer to generate datasets for training and testing purpose in the simulated or closed experimental environments which may lack comprehensiveness. Machine learning models trained with such a single dataset generally result in a semantic gap between results and their application. There is a dearth of research work which demonstrates the effectiveness of these models across multiple datasets obtained in different environments. We argue that it is necessary to test the robustness of the machine learning models, especially in diversified operating conditions, which are prevalent in cloud scenarios. In this work, we use the UNSW dataset to train the supervised machine learning models. We then test these models with ISOT dataset. We present our results and argue that more research in the field of machine learning is still required for its applicability to the cloud security.

Machine Learning

Donghai Tian,Runze Zhao,Rui Ma,Xiaoqi Jia,Qi Shen,Changzhen Hu,Wenmao Liu

DOI: https://doi.org/10.1002/ett.4584

IF: 3.6

2022-07-01

Transactions on Emerging Telecommunications Technologies

Abstract:We present MDCD, a malware detection system for virtualization environments. By utilizing the run‐time utilization and memory object information of the target VM, we can effectively detect the malicious programs in the target VM. With the increasing popularity of cloud computing applications, the threat of malware attack against cloud environments is getting worse. To defend against malware attacks in the cloud, some virtualization‐based approaches are proposed. However, the existing methods suffer from limitations in terms of detection accuracy, deployment effort, and performance cost. To address these issues, we propose MDCD, a novel dynamic malware detection solution for cloud environments. This method first utilizes a lightweight agent to collect the run‐time utilization information from the target virtual machine (VM). Then, it leverages the memory forensics analysis technique to extract the memory object information from the target VM's memory. To fully make use of the run‐time utilization and memory object information for malware detection, we propose a multi‐CNN model, which combines multiple convolutional neural networks (CNNs) efficiently. The evaluation shows that our approach can achieve an average detection accuracy, precision, recall, and F1 Score of 98.89%, 97.01%, 98.17%, and 97.89% respectively. Compared with the existing solutions, our method can detect multiple malicious processes effectively with little deployment effort.

telecommunications

Thilagam T,Aruna R

DOI: https://doi.org/10.53759/7669/jmc202303008

2023-04-05

Journal of Machine and Computing

Abstract:Cloud Computing (CC) is a relatively new technology that allows for widespread access and storage on the internet. Despite its low cost and numerous benefits, cloud technology still confronts several obstacles, including data loss, quality concerns, and data security like recurring hacking. The security of data stored in the cloud has become a major worry for both Cloud Service Providers (CSPs) and users. As a result, a powerful Intrusion Detection System (IDS) must be set up to detect and prevent possible cloud threats at an early stage. Intending to develop a novel IDS system, this paper introduces a new optimization concept named Lion Mutated-Genetic Algorithm (LM-GA) with the hybridization of Machine Learning (ML) algorithms such as Convolutional Neural Network (CNN) and Long Short-Term Memory (LSTM). Initially, the input text data is preprocessed and balanced to avoid redundancy and vague data. The preprocessed data is then subjected to the hybrid Deep Learning (DL) models namely the CNN-LSTM model to get the IDS output. Now, the intruded are discarded and non-intruded data are secured using Advanced Encryption Standard (AES) encryption model. Besides, the optimal key selection is done by the proposed LM-GA model and the cipher text is further secured via the steganography approach. NSL-KDD and UNSW-NB15 are the datasets used to verify the performance of the proposed LM-GA-based IDS in terms of average intrusion detection rate, accuracy, precision, recall, and F-Score.

Rishabh Gupta,Ashutosh Kumar Singh

DOI: https://doi.org/10.13052/jwe1540-9589.2132

2022-02-14

Journal of Web Engineering

Abstract:Cloud computing has multiple benefits in terms of minimum cost, maximum efficiency, and high scalability, which prompts shifting a large amount of data from the local machine to the cloud environment for storage, computation, and data sharing among various parties stakeholders. However, owners do not fully trust the cloud platform operated by a third party. Therefore, security and privacy emerge as critical issues while sharing data among different parties. In this paper, a novel privacy-preserving model is proposed by utilizing encryption, differential privacy, and machine learning approaches. It facilitates data owners to share their data securely in the cloud environment. The model defines access policy and communication protocol among the involved untrusted parties for data processing and privacy preservation. The proposed model is evaluated by executing experiments using distinct datasets. The achieved results reveal that the proposed model provides high accuracy, precision, recall, and f1-score up to 98%, 98%, 97%, and 97%, respectively, over the state of the art methods.

computer science, theory & methods, software engineering