DMAIDPS: a distributed multi-agent intrusion detection and prevention system for cloud IoT environments

Cluster Computing

Abstract

Cloud Internet of Things (CIoT) environments, as the essential basis for computing services, have been subject to abuse and cyber threats. Adversaries constantly search for vulnerable areas in such computing environments to inflict damage and create complex challenges. Hence, using intrusion detection and prevention systems (IDPSs) is almost mandatory for securing CIoT environments. However, the existing IDPSs in this area suffer from some limitations, such as the inability to detect unknown attacks and vulnerability to a single point of failure. In this paper, we propose a novel distributed multi-agent IDPS (DMAIDPS) that overcomes these limitations. The learning agents in DMAIDPS perform a six-step detection process to classify the network behavior as normal or under attack. We have tested the proposed DMAIDPS with the KDD Cup 99 and NSL-KDD datasets. The experimental results have been compared with other methods in the field based on Recall, Accuracy, and F-Score metrics. The proposed system has improved the Recall, Accuracy, and F-Score metrics by an average of 16.81%, 16.05%, and 18.12%, respectively.

Acknowledgements

This work was supported in part by the National Key Research and Development Program of China (2020YFB1406902), the Key-Area Research and Development Program of Guangdong Province (2020B0101360001), the Shenzhen Science and Technology Research and Development Foundation (JCYJ20190806143418198), the National Natural Science Foundation of China (NSFC) (61872110), and the Peng Cheng Laboratory Project (PCL2021A02).

Author information

Corresponding authors

Correspondence to Amir Javadpour or Weizhe Zhang.

Ethics declarations

Conflict of interest

All authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

About this article

Cite this article

Javadpour, A., Pinto, P., Ja’fari, F. et al. DMAIDPS: a distributed multi-agent intrusion detection and prevention system for cloud IoT environments. Cluster Comput 26, 367–384 (2023). https://doi.org/10.1007/s10586-022-03621-3

  • DOI: https://doi.org/10.1007/s10586-022-03621-3
