Toggle Main Menu Toggle Search

Open Access padlockePrints

En-ABC: An ensemble artificial bee colony based anomaly detection scheme for cloud environment

Lookup NU author(s): Dr Gagangeet Aujla, Professor Graham MorganORCiD, Professor Raj Ranjan


Full text for this publication is not currently held within this repository. Alternative links are provided below where available.


© 2019 Elsevier Inc. With an exponential increase in the usage of different types of services and applications in cloud computing environment, the identification of malicious behavior of different nodes becomes challenging due to the diversity of traffic patterns generated from various services and applications. Most of the existing solutions reported in the literature are restricted with respect to the usage of a specific technique applicable to single class datasets. But in real life scenarios, applications and services especially in cloud environment may have multi-class datasets. Moreover, non-linear behavior among the dataset attributes generates additional challenges for identification of nodes behavior, and it has not been exploited to its full potential in the existing solutions. This can lead to performance bottlenecks with respect to the identification of malicious behavior of different nodes. Motivated from these facts, this paper proposes an Ensemble Artificial Bee Colony based Anomaly Detection Scheme (En-ABC) for multi-class datasets in cloud environment. En-ABC has following components for identification of malicious behavior of nodes-(i) feature selection and optimization, (ii) data clustering, and (iii) identification of anomalous behavior of nodes. The feature selection and optimization model in En-ABC has been built using Restricted Boltzmann Machine and Unscented Kalman Filter (to handle the non-linear behavior of dataset attributes) respectively. Moreover, Artificial Bee Colony-based Fuzzy C-means clustering technique is used to obtain an optimal clustering based on two objective functions, i.e., Mean Square Deviation and Dunn Index (to handle the participation of attributes in multiple clustered datasets). Then, a profile of normal/abnormal behavior has been built using clustering results for detection of the anomalies. Finally, the performance of the proposed scheme has been compared with the existing schemes (CM, SVM, ML-IDS and MSADA) using various parameters such as-detection, false alarm, and accuracy rates. Experimental results on benchmark (NSL-KDD, NAB and IBRL) and synthetic datasets validate the effectiveness of the proposed scheme.

Publication metadata

Author(s): Garg S, Kaur K, Batra S, Aujla GS, Morgan G, Kumar N, Zomaya AY, Ranjan R

Publication type: Article

Publication status: Published

Journal: Journal of Parallel and Distributed Computing

Year: 2020

Volume: 135

Pages: 219-233

Print publication date: 01/01/2020

Online publication date: 28/09/2019

Acceptance date: 18/09/2019

ISSN (print): 0743-7315

ISSN (electronic): 1096-0848

Publisher: Academic Press Inc.


DOI: 10.1016/j.jpdc.2019.09.013


Altmetrics provided by Altmetric