Anomaly Detection in Cloud Environments

Author(s): Angelos K. Marnerides

Cloud environments have unique operational characteristics and intrinsic capabilities such as service transparency and elasticity. By virtue of their exclusive properties as outcomes of their virtualized nature, these environments are prone to a number of security threats arising from either malicious or legitimate intent. By virtue of the minimal proactive properties attained by off-the-shelf signature-based commercial detection solutions employed in various infrastructures, cloud-specific Intrusion Detection System (IDS) Anomaly Detection (AD)-based methodologies have been proposed in order to enable accurate identification, detection, and clustering of anomalous events that could manifest. Therefore, in this chapter the authors firstly aim to provide an overview of the state of the art related to cloud-based AD mechanisms and pinpoint their basic functionalities. They subsequently provide an insight and report some results derived from a particular methodology that jointly considers cloud-specific properties and relies on the Empirical Mode Decomposition (EMD) algorithm.

2019, pp. 140-164


2016, Vol 10 (4), pp. 1-32
Author(s): Abdelaziz Amara Korba, Mehdi Nafaa, Salim Ghanemi

In this paper, a cluster-based hybrid security framework called HSFA for ad hoc networks is proposed and evaluated. The proposed security framework combines both specification and anomaly detection techniques to efficiently detect and prevent a wide range of routing attacks. In the proposed hierarchical architecture, cluster nodes run a host specification-based intrusion detection system to detect specification violation attacks such as fabrication, replay, etc., while the cluster heads run an anomaly-based intrusion detection system to detect wormhole and rushing attacks. The proposed specification-based detection approach relies on a set of automatically generated specifications, while anomaly detection uses statistical techniques. The proposed security framework provides an adaptive response against attacks to prevent damage to the network. The security framework is evaluated by simulation in the presence of malicious nodes that can launch different attacks. Simulation results show that the proposed hybrid security framework performs significantly better than other existing mechanisms.


Author(s): P Purniemaa, R Jagadeesh Kannan

In recent years data mining has acquired huge popularity in the field of knowledge discovery. Thus, this approach has inspired several researches for anomaly detection, fraud detection and intrusion detection with higher accuracy, all-round generalization of the problem and its sub-cases, all giving higher performance in conditions subjected to continuous alteration. There remain, though, quite a few challenging problems in the design and implementation of a data mining based cloud intrusion detection system, as deception tactics and modeling of behavior remain a daunting problem to compute for anomaly owing to the massive size of data to process in reasonable time. In this study we present a cascaded neural network based data mining strategy for cloud intrusion detection systems (IDSs) and present the comparison and performance results tested on DARPA Intrusion Detection (ID) Data Sets, Knowledge Discovery and Data Mining Cup, NSL-KDD dataset. The study exhibits numerous advantages offered by the presented method and gives reliable results of anomaly detection in a real-time scenario.

