Abstract
Intrusion detection has emerged as one of the major challenges in cloud forensics. This work introduces an intrusion detection framework for the cloud environment that combines clustering with two-level classifiers. In the first step, Bayesian fuzzy clustering is used to cluster the nodes in the cloud. In the next step, a two-level gravitational group search-based support vector neural network (GG-SVNN) classifier identifies intrusions in the clusters. GG-SVNN is a novel optimization scheme proposed in this work, which combines the group search optimizer and the gravitational search algorithm. The intrusion information provided by the level 1 classifier is arranged into compact data and passed to the level 2 classifier, which finally identifies the total nodes affected by the intruders. The proposed intrusion detection is simulated with the KDD cup dataset. The simulation results show that the proposed GG-SVNN classifier achieved the best overall performance, with a high accuracy of 92.41% and a low false alarm rate of 4.75%.
Cite this article
Tummalapalli, S.R.K., Chakravarthy, A.S.N. Intrusion detection system for cloud forensics using bayesian fuzzy clustering and optimization based SVNN. Evol. Intel. 14, 699–709 (2021). https://doi.org/10.1007/s12065-020-00410-y
DOI: https://doi.org/10.1007/s12065-020-00410-y