Abstract
The use of cloud services has increased in recent years. The services provided by cloud computing (CC) are used by laptop, smartphone, desktop computer, and notebook users. Cloud services enable authorization practices because of the increasing number of cloud service users. Cloud services employ different hosts to deliver service to users. But some hosts may be malicious and steal the user’s information, or provide an unwanted file instead of the original files to the user. In previous works, these malicious hosts are identified by site re-routing links, distinguishing file types and so on. The main impact of a malicious host is that it delivers infected data or files to the user or diverts the user to non-requested data and files. In this paper, we focus on the identification and classification of malicious hosts. The host list is examined to extract the features of malicious hosts by applying the firefly algorithm. The identified features are then pre-processed by the principal component analysis (PCA) method. The Deep Neural Network based Shuffled Frog Leap Optimization (DNN-SFLO) algorithm is a famous deep learning (DL) approach proposed to test the optimized weights of the identified features. DNN-SFLO accurately detects the malicious host, because the presence of a malicious host may affect the cloud service. The performance of DNN-SFLO based host detection is compared with Naïve Bayes, Neural Network (NN), Artificial NN (ANN), Fuzzy C-Means (FCM), Fuzzy k-Nearest Neighbour (FKNN), and Support Vector Machine (SVM). The implementation of this host detection process is carried out in Python. The performance metrics used to evaluate the effectiveness of DNN-SFLO are F-measure, precision, G-mean, sensitivity, error detection probability, and recall.

Cite this article
Nandita, G., Munesh Chandra, T. Malicious host detection and classification in cloud forensics with DNN and SFLO approaches. Int J Syst Assur Eng Manag 15, 578–590 (2024). https://doi.org/10.1007/s13198-021-01168-x