CADS-ML/DL: efficient cloud-based multi-attack detection system

  • Regular Contribution
  • International Journal of Information Security

Abstract

With the increasing adoption of cloud computing, securing cloud-based systems and applications has become a critical concern for almost every organization. Traditional security approaches, such as signature-based and rule-based detection, have limited ability to detect new and sophisticated attacks. To address this issue, there has been an increasing focus on applying Artificial Intelligence (AI) to cloud security measures. In this research article, we present CADS-ML/DL, an efficient cloud-based multi-attack detection system. We investigate the effectiveness of Machine Learning (ML) and Deep Learning (DL) techniques for detecting cloud attacks. Our approach leverages a realistic dataset consisting of benign network flows and flows from fourteen common attacks, collected on the AWS cloud platform under conditions that meet real-world criteria. We evaluate eight Intrusion Detection Systems (IDSs) based on ML and DL algorithms, including Decision Tree (DT), Random Forest (RF), Extreme Gradient Boosting (XGBoost), Gated Recurrent Units (GRU), Long Short-Term Memory (LSTM), Stacked LSTM, and Bidirectional LSTM (Bi-LSTM) models. Experimental results demonstrate that the CADS-ML/DL system, specifically the XGBoost model, outperforms the other models, exhibiting an accuracy of 0.9770 and a false error rate of 0.0230. Furthermore, we validate the effectiveness of our proposed XGBoost model on the AWS benchmark CSE-CIC-IDS2018 dataset, attaining a remarkable accuracy score of 0.9999 and an exceptionally low false error rate of 0.0001. Our findings suggest that AI-based approaches have the potential to detect cloud attacks effectively and contribute to the development of reliable and efficient IDSs for cloud security.

Data availability

The datasets generated and analyzed during the current study are available from the corresponding author on reasonable request.

Author information

Contributions

AB, CD, EF, and GH conceived and planned the experiments. AB carried out the experiments. AB, CD, EF, and GH contributed to the interpretation of the results. AB took the lead in writing the manuscript. All authors provided critical feedback and helped shape the research, analysis, and manuscript.

Corresponding author

Correspondence to Saida Farhat.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

About this article

Cite this article

Farhat, S., Abdelkader, M., Meddeb-Makhlouf, A. et al. CADS-ML/DL: efficient cloud-based multi-attack detection system. Int. J. Inf. Secur. 22, 1989–2013 (2023). https://doi.org/10.1007/s10207-023-00729-4

  • DOI: https://doi.org/10.1007/s10207-023-00729-4
