scispace - formally typeset
Search or ask a question
Author

Parag K. Shelke

Bio: Parag K. Shelke is an academic researcher. The author has contributed to research in topics: Intrusion detection system & Cloud computing. The author has an hindex of 1, co-authored 1 publications receiving 78 citations.

Papers
More filters
Journal Article
TL;DR: This work proposes a new multi-threaded distributed cloud IDS model that handles large flow of data packets, analyze them and generate reports efficiently by integrating knowledge and behavior analysis to detect intrusions.
Abstract: Providing security in a distributed system requires more than user authentication with passwords or digital certificates and confidentiality in data transmission. Distributed model of cloud makes it vulnerable and prone to sophisticated distributed intrusion attacks like Distributed Denial of Service (DDOS) and Cross Site Scripting (XSS). To handle large scale network access traffic and administrative control of data and application in cloud, a new multi-threaded distributed cloud IDS model has been proposed. Our proposed cloud IDS handles large flow of data packets, analyze them and generate reports efficiently by integrating knowledge and behavior analysis to detect intrusions. ————————————————————

86 citations


Cited by
More filters
Journal ArticleDOI
TL;DR: This work proposes an anomaly detection system at the hypervisor layer named Hypervisor Detector that uses a hybrid algorithm which is a mixture of Fuzzy C-Means clustering algorithm and Artificial Neural Network to improve the accuracy of the detection system.
Abstract: Cloud computing affords lot of resources and computing facilities through Internet Cloud systems attract many users with its desirable features In spite of them, Cloud systems may experience severe security issues Thus, it is essential to create an Intrusion Detection System (IDS) to detect both insider and outsider attacks with high detection accuracy in cloud environment This work proposes an anomaly detection system at the hypervisor layer named Hypervisor Detector that uses a hybrid algorithm which is a mixture of Fuzzy C-Means clustering algorithm and Artificial Neural Network (FCM-ANN) to improve the accuracy of the detection system The proposed system is implemented and compared with Naive Bayes classifier and Classic ANN algorithm The DARPA's KDD cup dataset 1999 is used for experiments Based on extensive theoretical and performance analysis, it is evident that the proposed system is able to detect the anomalies with high detection accuracy and low false alarm rate even for low frequent attacks thereby outperforming Naive Bayes classifier and Classic ANN

154 citations

Journal ArticleDOI
TL;DR: The proposed threat intelligence technique is designed based on beta mixture-hidden Markov models (MHMMs) for discovering anomalous activities against both physical and network systems, and is evaluated on two well-known datasets.
Abstract: Industry 4.0 represents the fourth phase of industry and manufacturing revolution, unique in that it provides Internet-connected smart systems, including automated factories, organizations, development on demand, and ‘just-in-time’ development. Industry 4.0 includes the integration of cyber-physical systems (CPSs), Internet of Things (IoT), cloud and fog computing paradigms for developing smart systems, smart homes, and smart cities. Given Industry 4.0 is comprised sensor fields, actuators, fog and cloud processing paradigms, and network systems, designing a secure architecture faces two major challenges: handling heterogeneous sources at scale and maintaining security over a large, disparate, data-driven system that interacts with the physical environment. This paper addresses these challenges by proposing a new threat intelligence scheme that models the dynamic interactions of industry 4.0 components including physical and network systems. The scheme consists of two components: a smart management module and a threat intelligence module. The smart data management module handles heterogeneous data sources, one of the foundational requirements for interacting with an Industry 4.0 system. This includes data to and from sensors, actuators, in addition to other forms of network traffic. The proposed threat intelligence technique is designed based on beta mixture-hidden Markov models (MHMMs) for discovering anomalous activities against both physical and network systems. The scheme is evaluated on two well-known datasets: the CPS dataset of sensors and actuators and the UNSW-NB15 dataset of network traffic. The results reveal that the proposed technique outperforms five peer mechanisms, suggesting its effectiveness as a viable deployment methodology in real-Industry 4.0 systems.

94 citations

Journal ArticleDOI
01 Dec 2020
TL;DR: This paper aims to present a comprehensive survey of intrusion detection systems that use computational intelligence (CI) methods in a (mobile) cloud environment and defines a taxonomy for IDS and classify CI-based techniques into single and hybrid methods.
Abstract: With the increasing utilization of the Internet and its provided services, an increase in cyber-attacks to exploit the information occurs. A technology to store and maintain user's information that is mostly used for its simplicity and low-cost services is cloud computing (CC). Also, a new model of computing that is noteworthy today is mobile cloud computing (MCC) that is used to reduce the limitations of mobile devices by allowing them to offload certain computations to the remote cloud. The cloud environment may consist of critical or essential information of an organization; therefore, to prevent this environment from possible attacks a security solution is needed. An intrusion detection system (IDS) is a solution to these security issues. An IDS is a hardware or software device that can examine all inside and outside network activities and recognize doubtful patterns that may demonstrate a network attack and automatically alert the network (or system) administrator. Because of the ability of an IDS to detect known/unknown (inside/outside) attacks, it is an excellent choice for securing cloud computing. Various methods are used in an intrusion detection system to recognize attacks more accurately. Unlike survey papers presented so far, this paper aims to present a comprehensive survey of intrusion detection systems that use computational intelligence (CI) methods in a (mobile) cloud environment. We firstly provide an overview of CC and MCC paradigms and service models, also reviewing security threats in these contexts. Previous literature is critically surveyed, highlighting the advantages and limitations of previous work. Then we define a taxonomy for IDS and classify CI-based techniques into single and hybrid methods. Finally, we highlight open issues and future directions for research on this topic.

91 citations

Journal ArticleDOI
TL;DR: An adversarial statistical learning mechanism for anomaly detection, outlier Dirichlet mixture-based ADS (ODM-ADS), which has three new capabilities, which can self-adapt against data poisoning attacks that inject malicious instances in the training phase for disrupting the learning process.
Abstract: Current anomaly detection systems (ADSs) apply statistical and machine learning algorithms to discover zero-day attacks, but such algorithms are vulnerable to advanced persistent threat actors. In this paper, we propose an adversarial statistical learning mechanism for anomaly detection, outlier Dirichlet mixture-based ADS (ODM-ADS), which has three new capabilities. First, it can self-adapt against data poisoning attacks that inject malicious instances in the training phase for disrupting the learning process. Second, it establishes a statistical legitimate profile and considers variations from the baseline of the profile as anomalies using a proposed outlier function. Third, to deal with dynamic and large-scale networks such as Internet of Things and cloud and fog computing, we suggest a framework for deploying the mechanism as Software as a Service in the fog nodes. The fog enables the proposed mechanism to concurrently process streaming data at the edge of the network. The ODM-ADS mechanism is evaluated using both NSL-KDD and UNSW-NB15 datasets, whose findings indicate that ODM-ADS outperforms seven other peer algorithms in terms of accuracy, detection rates, false positive rates, and computational time.

90 citations

Proceedings ArticleDOI
01 Dec 2013
TL;DR: This paper provides an overview of different intrusions in cloud and analyzes some existing cloud based intrusion detection systems with respect to their type, positioning, detection time, detection technique, data source and attacks they can detect.
Abstract: Today, Cloud Computing is the preferred choice of every IT organization since it provides flexible and pay-per-use based services to its users However, the security and privacy is a major hurdle in its success because of its open and distributed architecture that is vulnerable to intruders Intrusion Detection System (IDS) is the most commonly used mechanism to detect attacks on cloud This paper provides an overview of different intrusions in cloud Then, we analyze some existing cloud based intrusion detection systems (IDS) with respect to their type, positioning, detection time, detection technique, data source and attacks they can detect The analysis also provides limitations of each technique to evaluate whether they fulfill the security requirements of cloud computing environment or not We emphasize the deployment of IDS that uses multiple detection methods to cope with security challenges in cloud

59 citations