Abstract
Despite its continuous improvement, cloud computing system is still vulnerable to malicious activities. This has necessitated in constructing an anomaly detection component for discovering anomalies in cloud environment. In this paper, an anomaly detection system at hypervisor layer named hypervisor detector is developed and evaluated to detect the malicious activities in cloud environment. Deployment of fuzzy systems in intrusion detection systems has the ability to detect the presence of uncertain and imprecise nature of anomalies in cloud environment. But they fail in constructing models based on target data. One of the successful approaches based on target data is integration of fuzzy systems with adaptation and learning proficiencies of neural network called adaptive neuro-fuzzy inference system (ANFIS) model. The hypervisor detector is designed and developed with ANFIS and is practiced with a hybrid algorithm, which is a combination of back propagation gradient descent technique with least square method. For experiments, DARPA’s KDD cup dataset is used. The performance analysis and results show that the proposed hypervisor detector based on ANFIS is well designed to detect the anomalies in cloud environment with minimum false negative rate and high detection accuracy.
Similar content being viewed by others
References
Kevin, S.: Security in a virtualized world. J. Netw Secur. 8, 15–18 (2009)
SanjayRam, M., Velmurugan, N., Thirukumaran, S.: Effective analysis of cloud based intrusion detection system. Int. J. Comput. Appl. Inf. Technol. 1(2), 16–22 (2012)
PraveenKumar, P., BhaskarNaik, K.: A survey on cloud based intrusion detection system. Int. J. Softw. Web Sci. 4(2), 98–102 (2013)
Jin, H., Xiang, G., Zou, D., Wu, S., Zhoa, F., Li, M., et al.: A VMM-based intrusion prevention system in cloud computing environment. J. Supercomput. Springer Sci. Bus. Media, LLC. 66(3), 1133–1151 (2013)
Garfinkel, T., Rosenblum, M.: A virtual machine introspection based architecture for intrusion detection. In: Proceedings of Network and Distributed Systems Security Symposium, 191–206 (2003)
Zeenat, M., Chetan, A., Syed, S.H., et al.: Intrusion detection in cloud computing environment using neural network. Int. J. Res. Comput. Eng. Electron. 1(1), 1–4 (2012)
Vikrant, G.D., Atul, G.B., Nikhil, A.A.: Intrusion detection system for cloud computing. Int. J. Eng. Res. Technol. 2(4), 2149–2153 (2013)
Vieira, K., Schulter, A., Westphall, C., Westphall, C.: Intrusion detection techniques in grid and cloud computing environment. Proc. IEEE IT Prof. Mag. IEEE 12(4), 38–43 (2010)
Amjad, H.B., Sabyasachi, P., Debasish, J.: Machine learning approach for intrusion detection on cloud virtual machines. Int. J. Appl. Innov. Eng. Manag. 2(6), 57–66 (2013)
Amirreza, Z., Alireza, Z.: Internet intrusion detection system service in a cloud. Int. J. Comput. Sci. Issues 9(5), 308–315 (2012)
Mohammad, Z.K., Miklas, S.: Computing air demand using the Takagi–Sugeno model for dam outlets. Water 5, 1441–1456 (2013). doi:10.3390/w5031441
Ashok, K., Shankarappa, F.K., Sanker, R.: Modelling & simulation of an ANFIS controller for an AC drive. World J. Modell. Simul. 8(1), 36–49 (2012)
Yong, Q.F., Yin, H.W., Wen, Q.W.: Adaptive fuzzy tracking control with compressor and limiters for uncertain nonlinear systems. Int. J. Fuzzy Syst. 16(1), 31–38 (2014)
Hung, W.L., Wei, S.C., Chia, W.C., Cheng, Y.Y., Yeong, H.C.: Adaptive neuro-fuzzy formation control for leader-follower mobile robots. Int. J. Fuzzy Syst. 15(3), 347–358 (2013)
Kourai, K., Chiba, S.: HyperSpector: virtual distributed monitoring environments for secure intrusion detection. In: Proceedings of International conference on virtual execution environments, ACM, Chicago, pp. 197–207 (2005)
Jones, A.K., Sielken, R.S.: Computer system intrusion detection: a survey. Techreport, 1–25 (2000). Doi:10.1.1.24.7802
Parag, K.S., Sneha, S., Gawande, A.D.: Intrusion detection system for cloud computing. Int. J. Sci. Technol. Res. 1(4), 67–71 (2012)
Dunlap, G.W., King, S.T., Cinar, S., Basrai, M., Chen, P.M.: Revirt: enabling intrusion analysis through virtual machine logging and replay. In: Proceedings of 5th symposium on operating systems design and implementation, USENIX, Boston, 211–224 (2002)
Feng, Z., Jin, H.: Automated approach to intrusion detection in VM-based dynamic execution environment. Comput. Inform. 31, 271–297 (2012)
Ubhale, P.R., Sahu, A.M.: Securing cloud computing environment by means of intrusion detection and prevention system (IDPS). Int. J. Comput. Sci. Manag. Res. 2(5), 2430–2435 (2013)
Otte, C., Tormann, C.: Improving the accuracy of network intrusion detectors by input-dependent stacking. Integr Comput-Aided Eng. 18(3), 291–297 (2011)
Nirmala, A.P., Sridaran, R.: Cloud computing issues at design and implementation levels-a survey. Int. J. Adv. Netw. Appl. 3(6), 1444–1449 (2012)
Farzad, S.: Secure virtualization for cloud environment using hypervisor-based technology. Int. J. Mach. Learn. Comput. 2(1), 39–45 (2012)
Vinothina, V., Sridaran, R., Padmavathi, G.: A survey on resource allocation strategies in cloud computing. Int. J. Adv. Comput. Sci. Appl. 3(6), 97–104 (2012)
Moradi, M., Zulkernine, M.: A neural network based system for intrusion detection and Classification of attacks. In: Proceedings of the 2004 IEEE international conference on advances in intelligent systems, theory and applications,1–6, 2004
Jang, J.S.R.: ANFIS: adaptive-network-based fuzzy inference systems. IEEE Trans. Syst. Man Cybern. 23(3), 665–685 (1993)
Guler, I., Ubeyli, E.D.: Application of adaptive neuro-fuzzy inference system for detection of electrocardiographic changes in patients with partial epilepsy using feature extraction. Expert Syst. Appl. 27, 323–330 (2004)
Guler, I., Ubeyli, E.D.: Adaptive neuro-fuzzy inference system for classification of EEG signals using wavelet coefficients. J. Neurosci. Methods 148(2), 113–122 (2005)
Fallahpour, A.R., Moghassem, A.R.: Yarn strength modeling using adaptive neuro-fuzzy inference system (ANFIS) and gene expression programming (GEP). J. Eng. Fibers Fabr. 8(4), 6–18 (2013)
Tavallaee, M., Bagheri, E., Wei, L., Ghorbani, A.: Detailed analysis of the KDD CUP 99 Data Set. In: Proceedings of IEEE symposium on computational intelligence in security and defense Applications, Ottawa. pp. 1–6 (2009)
Loganathan, C., Girija, K.V.: Hybrid learning for adaptive neuro fuzzy inference system. Int. J. Eng. Sci. 2(11), 6–13 (2013)
Gang, W., Jinxing, H., Jian, M., Lihua, H.: A new approach to intrusion detection using artificial neural networks and fuzzy clustering. Expert Syst. Appl. 37(9), 6225–6232 (2010)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Ganeshkumar, P., Pandeeswari, N. Adaptive Neuro-Fuzzy-Based Anomaly Detection System in Cloud. Int. J. Fuzzy Syst. 18, 367–378 (2016). https://doi.org/10.1007/s40815-015-0080-x
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40815-015-0080-x