Abstract
With the increasing adoption of cloud computing, securing cloud-based systems and applications has become a critical concern for almost every organization. Traditional security approaches, such as signature-based and rule-based detection, have limited ability to detect new and sophisticated attacks. To address this issue, there has been an increasing focus on implementing Artificial Intelligence (AI) in cloud security measures. In this research article, we present CADS-ML/DL, an efficient cloud-based multi-attack detection system. We investigate the effectiveness of Machine Learning (ML) and Deep Learning (DL) techniques for detecting cloud attacks. Our approach leverages a realistic dataset consisting of both benign and fourteen common attack network flows that meet real-world criteria on the AWS cloud platform. We evaluate eight Intrusion Detection Systems (IDSs) based on ML and DL algorithms, including Decision Tree (DT), Random Forest (RF), Extreme Gradient Boosting (XGBoost), Gated Recurrent Units (GRU), Long Short-Term Memory (LSTM), Stacked LSTM, and Bidirectional LSTM (Bi-LSTM) models. Experimental results demonstrate that the CADS-ML/DL system, specifically the XGBoost model, outperforms the other models, exhibiting an accuracy of 0.9770 and a false error rate of 0.0230. Furthermore, we validate the effectiveness of our proposed XGBoost model on the AWS benchmark CSE-CICIDS2018 dataset, attaining a remarkable accuracy score of 0.9999 and an exceptionally low false error rate of 0.0001. Our findings suggest that AI-based approaches have the potential to detect cloud attacks effectively and contribute to the development of reliable and efficient IDSs for cloud security.
Data availability
The datasets generated and analyzed during the current study are available from the corresponding author on reasonable request.
Author information
Contributions
AB, CD, EF, and GH conceived and planned the experiments. AB carried out the experiments. AB, CD, EF, and GH contributed to the interpretation of the results. AB took the lead in writing the manuscript. All authors provided critical feedback and helped shape the research, analysis, and manuscript.
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Farhat, S., Abdelkader, M., Meddeb-Makhlouf, A. et al. CADS-ML/DL: efficient cloud-based multi-attack detection system. Int. J. Inf. Secur. 22, 1989–2013 (2023). https://doi.org/10.1007/s10207-023-00729-4
DOI: https://doi.org/10.1007/s10207-023-00729-4