TY - GEN
T1 - Supervised machine learning techniques for efficient network intrusion detection
AU - Aboueata, Nada
AU - Alrasbi, Sara
AU - Erbad, Aiman
AU - Kassler, Andreas
AU - Bhamare, Deval
N1 - Publisher Copyright:
© 2019 IEEE.
PY - 2019/7
Y1 - 2019/7
N2 - Cloud computing is gaining significant traction and virtualized data centers are becoming popular as a cost-effective infrastructure in telecommunication industry. Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) are being widely deployed and utilized by end users, including many private as well as public organizations. Despite its wide-spread acceptance, security is still the biggest threat in cloud computing environments. Users of cloud services are under constant fear of data loss, security breaches, information theft and availability issues. Recently, learning-based methods for security applications are gaining popularity in the literature with the advents in machine learning (ML) techniques. In this work, we explore applicability of two well-known machine learning approaches, which are, Artificial Neural Networks (ANN) and Support Vector Machines (SVM), to detect intrusions or anomalous behavior in the cloud environment. We have developed ML models using ANN and SVM techniques and have compared their performances. We have used UNSW-NB-15 dataset to train and test the models. In addition, we have performed feature engineering and parameter tuning to find out optimal set of features with maximum accuracy to reduce the training time and complexity of the ML models. We observe that with proper features set, SVM and ANN techniques have been able to achieve anomaly detection accuracy of 91% and 92% respectively, which is higher compared against that of the one achieved in the literature, with reduced number of features needed to train the models.
AB - Cloud computing is gaining significant traction and virtualized data centers are becoming popular as a cost-effective infrastructure in telecommunication industry. Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) are being widely deployed and utilized by end users, including many private as well as public organizations. Despite its wide-spread acceptance, security is still the biggest threat in cloud computing environments. Users of cloud services are under constant fear of data loss, security breaches, information theft and availability issues. Recently, learning-based methods for security applications are gaining popularity in the literature with the advents in machine learning (ML) techniques. In this work, we explore applicability of two well-known machine learning approaches, which are, Artificial Neural Networks (ANN) and Support Vector Machines (SVM), to detect intrusions or anomalous behavior in the cloud environment. We have developed ML models using ANN and SVM techniques and have compared their performances. We have used UNSW-NB-15 dataset to train and test the models. In addition, we have performed feature engineering and parameter tuning to find out optimal set of features with maximum accuracy to reduce the training time and complexity of the ML models. We observe that with proper features set, SVM and ANN techniques have been able to achieve anomaly detection accuracy of 91% and 92% respectively, which is higher compared against that of the one achieved in the literature, with reduced number of features needed to train the models.
KW - Artificial Neural Networks
KW - Cloud Computing
KW - Intrusion Detection
KW - Support Vector Machines
UR - http://www.scopus.com/inward/record.url?scp=85073165460&partnerID=8YFLogxK
U2 - 10.1109/ICCCN.2019.8847179
DO - 10.1109/ICCCN.2019.8847179
M3 - Conference contribution
AN - SCOPUS:85073165460
T3 - Proceedings - International Conference on Computer Communications and Networks, ICCCN
BT - ICCCN 2019 - 28th International Conference on Computer Communications and Networks
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 28th International Conference on Computer Communications and Networks, ICCCN 2019
Y2 - 29 July 2019 through 1 August 2019
ER -