Cloud Insider Attack Detection Using Machine Learning
01 Sep 2018-
TL;DR: An Improvised Long Short-Term Memory (ILSTM) model which learns the behavior of a user and automatically trains itself and stores the behavioral data and reduces the false alarm in the cloud network.
Abstract: Security has always been a major issue in cloud. Data sources are the most valuable and vulnerable information which is aimed by attackers to steal. If data is lost, then the privacy and security of every cloud user are compromised. Even though a cloud network is secured externally, the threat of an internal attacker exists. Internal attackers compromise a vulnerable user node and get access to a system. They are connected to the cloud network internally and launch attacks pretending to be trusted users. Machine learning approaches are widely used for cloud security issues. The existing machine learning based security approaches classify a node as a misbehaving node based on short-term behavioral data. These systems do not differentiate whether a misbehaving node is a malicious node or a broken node. To address this problem, this paper proposes an Improvised Long Short-Term Memory (ILSTM) model which learns the behavior of a user and automatically trains itself and stores the behavioral data. The model can easily classify the user behavior as normal or abnormal. The proposed ILSTM not only identifies an anomaly node but also finds whether a misbehaving node is a broken node or a new user node or a compromised node using the calculated trust factor. The proposed model not only detects the attack accurately but also reduces the false alarm in the cloud network.
Citations
More filters
TL;DR: In this paper, the authors proposed a highly scalable hybrid DL-driven SDN-enabled framework for efficient and timely detection of sophisticated IoMT malwares, which leverages the underlying IoMT resource constrained devices without exhaustion.
28 citations
01 Aug 2020
TL;DR: The proposed research study is performed on the different frameworks used for Cyber-attack detection using learning approach, which proves the importance of machine learning and deep learning in Cyber physical system for detecting the threats in a better way.
Abstract: Cyber physical system is the most widely used infrastructure for solving different challenges in our day to day lives. In big data environment, taking a correct and rapid decision remains as a big task. Internet of Things or cyber physical systems will be used for transforming the manufacturing industry and other applications to the next level. But, along with these benefits of Cyber physical system, there are numerous problems that one face in their life due to the lack of smart analytical tools that affect the industries, which are not handling the large amount of data generated from the Internet connected devices. Even the skilled people are unable to handle, track or analyze these infrastructures. This creates a necessity for the integration of ML and cyber security in CPS, where it makes the skilled people to track threats on web within a less time period. The proposed research study is performed on the different frameworks used for Cyber-attack detection using learning approach, this proves the importance of machine learning and deep learning in Cyber physical system for detecting the threats in a better way. Security analytics is used by various researchers and also by using it one can prioritize the signals and alerts. The proposed study on different attacks has also highlighted the researchers to be more aware about uncommon attacks that can become very dangerous. Further, the study of various works done in analyzing different attacks are done using various approaches and dataset that is covered along with pros and cons to help in choosing the best approach according to the requirement.
7 citations
Additional excerpts
...Various types of attacks defined are [11-25]:...
[...]
5 citations
01 Jan 2019
TL;DR: This list of icons and symbols from around the world shows the variety of icons, symbols and symbols that have been discovered over the years and how their use has changed over time.
Abstract: .................................................................................................................................. iii ACKNOWLEDGEMENTS ............................................................................................................ v LIST OF TABLES ....................................................................................................................... viii LIST OF FIGURES ........................................................................................................................ x
4 citations
Cites background or methods from "Cloud Insider Attack Detection Usin..."
...Improved Long Short-Term Memory model [37] is an supervised learning model proposed by Nathezhtha et all....
[...]
...Nathezhtha et all proposed an Improvised Long Short-Term Memory (ILTSM) model [37]...
[...]
23 Sep 2022
TL;DR: In this article , the authors proposed an IoMT-based healthcare framework called prenatal healthcare system of remote mother and fetal surveillance through IoMT, where the data collected through the IoMT devices will be transmitted to server and will be analyzed through AI/ML module.
Abstract: In recent years, as hospitals utilize the internet of medical things (IoMT) for medical applications, edge computing has played an important role in distant healthcare systems. Human life has gotten smarter in the era of pervasive computing, thanks to the newest breakthroughs in IoMT, wearable sensors, and communication technologies to give smart healthcare services. IoMT can completely transform the healthcare business. IoMT uses software and information and communication technology (ICT) to connect wearable sensors, patients, healthcare professionals, and carers. Patients are given extensive supportive information to help them get through their recoveries. In this chapter, the authors aim to propose an IoMT-based healthcare framework called prenatal healthcare system of remote mother and fetal surveillance through IoMT. The data collected through the IoMT devices will be transmitted to server and will be analyzed through AI/ML module. On the signal of any abnormality, the central system will alarm attending doctors about the individual mother and fetus to take necessary action.
References
More filters
Journal Article•
TL;DR: Scikit-learn is a Python module integrating a wide range of state-of-the-art machine learning algorithms for medium-scale supervised and unsupervised problems, focusing on bringing machine learning to non-specialists using a general-purpose high-level language.
Abstract: Scikit-learn is a Python module integrating a wide range of state-of-the-art machine learning algorithms for medium-scale supervised and unsupervised problems. This package focuses on bringing machine learning to non-specialists using a general-purpose high-level language. Emphasis is put on ease of use, performance, documentation, and API consistency. It has minimal dependencies and is distributed under the simplified BSD license, encouraging its use in both academic and commercial settings. Source code, binaries, and documentation can be downloaded from http://scikit-learn.sourceforge.net.
47,974 citations
"Cloud Insider Attack Detection Usin..." refers background in this paper
...The supervised learning is a prediction about the future and the known data [5, 6]....
[...]
Posted Content•
TL;DR: Scikit-learn as mentioned in this paper is a Python module integrating a wide range of state-of-the-art machine learning algorithms for medium-scale supervised and unsupervised problems.
Abstract: Scikit-learn is a Python module integrating a wide range of state-of-the-art machine learning algorithms for medium-scale supervised and unsupervised problems. This package focuses on bringing machine learning to non-specialists using a general-purpose high-level language. Emphasis is put on ease of use, performance, documentation, and API consistency. It has minimal dependencies and is distributed under the simplified BSD license, encouraging its use in both academic and commercial settings. Source code, binaries, and documentation can be downloaded from this http URL.
28,898 citations
01 Jan 2006
TL;DR: This research identifies a set of features that are key to the superior performance under the supervised learning setup, and shows that a small subset of features always plays a significant role in the link prediction job.
Abstract: Social network analysis has attracted much attention in recent years. Link prediction is a key research directions within this area. In this research, we study link prediction as a supervised learning task. Along the way, we identify a set of features that are key to the superior performance under the supervised learning setup. The identified features are very easy to compute, and at the same time surprisingly effective in solving the link prediction problem. We also explain the effectiveness of the features from their class density distribution. Then we compare different classes of supervised learning algorithms in terms of their prediction performance using various performance metrics, such as accuracy, precision-recall, F-values, squared error etc. with a 5-fold cross validation. Our results on two practical social network datasets shows that most of the well-known classification algorithms (decision tree, k-nn,multilayer perceptron, SVM, rbf network) can predict link with surpassing performances, but SVM defeats all of them with narrow margin in all different performance measures. Again, ranking of features with popular feature ranking algorithms shows that a small subset of features always plays a significant role in the link prediction job.
883 citations
"Cloud Insider Attack Detection Usin..." refers background in this paper
...The supervised learning is a prediction about the future and the known data [5, 6]....
[...]
TL;DR: Although many of these countermeasures have been proposed before for email and Web spam, the authors find that their applicability to social Web sites differs.
Abstract: In recent years, social Web sites have become important components of the Web. With their success, however, has come a growing influx of spam. If left unchecked, spam threatens to undermine resource sharing, interactivity, and openness. This article surveys three categories of potential countermeasures - those based on detection, demotion, and prevention. Although many of these countermeasures have been proposed before for email and Web spam, the authors find that their applicability to social Web sites differs.
284 citations
"Cloud Insider Attack Detection Usin..." refers background in this paper
...An inside attacker is someone who pretends to be a normal user by compromising an authorized node and attack the entire cloud system internally [3, 4]....
[...]
TL;DR: This article describes a reference architecture that improves how people are integrated with the IoT, with smartphones doing the connecting, and opens the way to new IoT scenarios supporting evolution towards the Internet of People.
Abstract: There's growing interest in developing applications for the Internet of Things. Such applications' main objective is to integrate technology into people's everyday lives, to be of service to them en masse. The form in which this integration is implemented, however, still leaves much room for improvement. Usually, the user must set parameters within the application. When the person's context changes, they have to manually reconfigure the parameters. What was meant to be a commodity in an unforeseen situation then becomes extra noise. This article describes a reference architecture that improves how people are integrated with the IoT, with smartphones doing the connecting. The resulting integration opens the way to new IoT scenarios supporting evolution towards the Internet of People.
200 citations
"Cloud Insider Attack Detection Usin..." refers background in this paper
...Cloud has so many benefits like on-demand resource utilization, resource sharing, storage service etc[2]....
[...]