Browse by author
Lookup NU author(s):
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
© 2019 Elsevier Inc. With an exponential increase in the usage of different types of services and applications in cloud computing environment, the identification of malicious behavior of different nodes becomes challenging due to the diversity of traffic patterns generated from various services and applications. Most of the existing solutions reported in the literature are restricted with respect to the usage of a specific technique applicable to single class datasets. But in real life scenarios, applications and services especially in cloud environment may have multi-class datasets. Moreover, non-linear behavior among the dataset attributes generates additional challenges for identification of nodes behavior, and it has not been exploited to its full potential in the existing solutions. This can lead to performance bottlenecks with respect to the identification of malicious behavior of different nodes. Motivated from these facts, this paper proposes an Ensemble Artificial Bee Colony based Anomaly Detection Scheme (En-ABC) for multi-class datasets in cloud environment. En-ABC has following components for identification of malicious behavior of nodes-(i) feature selection and optimization, (ii) data clustering, and (iii) identification of anomalous behavior of nodes. The feature selection and optimization model in En-ABC has been built using Restricted Boltzmann Machine and Unscented Kalman Filter (to handle the non-linear behavior of dataset attributes) respectively. Moreover, Artificial Bee Colony-based Fuzzy C-means clustering technique is used to obtain an optimal clustering based on two objective functions, i.e., Mean Square Deviation and Dunn Index (to handle the participation of attributes in multiple clustered datasets). Then, a profile of normal/abnormal behavior has been built using clustering results for detection of the anomalies. Finally, the performance of the proposed scheme has been compared with the existing schemes (CM, SVM, ML-IDS and MSADA) using various parameters such as-detection, false alarm, and accuracy rates. Experimental results on benchmark (NSL-KDD, NAB and IBRL) and synthetic datasets validate the effectiveness of the proposed scheme.
Author(s): Garg S, Kaur K, Batra S, Aujla GS, Morgan G, Kumar N, Zomaya AY, Ranjan R
Publication type: Article
Publication status: Published
Journal: Journal of Parallel and Distributed Computing
Print publication date: 01/01/2020
Online publication date: 28/09/2019
Acceptance date: 18/09/2019
ISSN (print): 0743-7315
ISSN (electronic): 1096-0848
Publisher: Academic Press Inc.
Altmetrics provided by Altmetric