Adaptive intrusion detection framework for enhanced cloud security in fog and edge computing environments
K. Vani and S. P. Swornambiga
Abstract
With increased cloud usage and complex cyber threats, developing robust, dynamic intrusion detection systems for cloud environments is crucial. Traditional centralized solutions face latency and scalability issues. Recent frameworks, though significant, often struggle with emerging threats and inconsistent performance. This study aims to develop an adaptive intrusion detection framework to enhance cloud security by addressing the limitations of centralized detection systems and improving the detection of known and unknown threats. To remove the reliance on centralized resources, the architecture uses an intrusion detection module at fog and edge nodes to perform analysis locally, facilitating rapid identification and response. The proposed adaptive framework can be deployed in the edge/fog layer. It has three primary phases: data collection and preprocessing, training, and testing. The framework adopts a multi-layered defence strategy, employing a rule-based ensemble model for detecting known attacks, a signature-based detection method, an isolation forest (IF) model for anomaly-based detection of unknown attacks, and an ensemble learning model to make final decisions on the network traffic data. The performance analysis was conducted on the University of New South Wales Network-Based 2015 (UNSW-NB15) dataset with 82,332 instances and the National Security Laboratory - Knowledge Discovery and Data Mining (NSL-KDD) dataset with 25,192 instances. With the UNSW-NB15 dataset, the model achieved 92.68% accuracy, an 88.03% attack detection rate (ADR), and a low false alarm rate (FAR) of 1.53%. For the NSL-KDD dataset, the model offered an improved accuracy of 99.51%, along with a mean F-measure of 91.48%. It also achieved an ADR of 99.23% and a FAR of 0.25%. The proposed adaptive model outperforms conventional models in detecting security breaches, enhancing cloud security with scalability, agility, and resilience in fog and edge computing environments. However, the framework requires continuous development to improve its efficiency and to evaluate its performance in real time with large network traffic data.
Keywords
Intrusion detection system, Cloud security, Fog computing, Edge computing, Anomaly detection, Ensemble learning.
Cite this article
Vani K, Swornambiga SP. Adaptive intrusion detection framework for enhanced cloud security in fog and edge computing environments. International Journal of Advanced Technology and Engineering Exploration. 2024;11(121):1613-1640. DOI:10.19101/IJATEE.2024.111100395
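The layered decision the abstract describes (signature match for known attacks, isolation forest for unknown ones) can be sketched as follows. This is an added example, not the authors' implementation: it uses a plain fall-through decision instead of the paper's ensemble model, trains the forest on a benign baseline only, and borrows NSL-KDD field names (`flag`, `count`, `duration`, `src_bytes`, `dst_bytes`); the signature rule, the 0.55 threshold and all flows are constructed assumptions.

```python
import math, random

def c(n):  # average path length of an unsuccessful BST search over n points
    if n <= 2:
        return float(max(n - 1, 0))
    return 2.0 * (math.log(n - 1) + 0.5772156649) - 2.0 * (n - 1) / n

def build(rows, rng, depth, limit):
    if depth >= limit or len(rows) <= 1:
        return len(rows)  # leaf: how many training rows ended up here
    f = rng.randrange(len(rows[0]))  # random feature, then random split value
    s = rng.uniform(min(r[f] for r in rows), max(r[f] for r in rows))
    left, right = [r for r in rows if r[f] < s], [r for r in rows if r[f] >= s]
    return (f, s, build(left, rng, depth + 1, limit), build(right, rng, depth + 1, limit))

def path(x, node, depth=0):
    if isinstance(node, int):
        return depth + c(node)
    f, s, left, right = node
    return path(x, left if x[f] < s else right, depth + 1)

class IsolationForest:
    def __init__(self, rows, trees=100, sample=64, seed=7):
        rng = random.Random(seed)
        self.n = min(sample, len(rows))
        limit = math.ceil(math.log2(self.n))
        self.trees = [build(rng.sample(rows, self.n), rng, 0, limit) for _ in range(trees)]
    def score(self, x):  # short average path gives a score closer to 1 (anomalous)
        return 2 ** (-sum(path(x, t) for t in self.trees) / len(self.trees) / c(self.n))

SIGNATURES = [lambda f: f["flag"] == "S0" and f["count"] > 100]  # constructed rule

def classify(flow, forest, threshold=0.55):  # threshold is an assumption
    if any(sig(flow) for sig in SIGNATURES):
        return "known-attack"  # layer 1: signature match
    feats = (flow["duration"], flow["src_bytes"], flow["dst_bytes"])
    return "anomaly" if forest.score(feats) > threshold else "normal"  # layer 2

def demo():
    rng = random.Random(1)  # constructed benign baseline: (duration, src_bytes, dst_bytes)
    base = [(rng.uniform(0.1, 2), rng.uniform(200, 1500), rng.uniform(500, 5000)) for _ in range(300)]
    forest = IsolationForest(base)
    flows = {  # constructed test flows
        "web": dict(flag="SF", count=3, duration=1.0, src_bytes=850, dst_bytes=2750),
        "syn-burst": dict(flag="S0", count=250, duration=0.0, src_bytes=0, dst_bytes=0),
        "bulk-upload": dict(flag="SF", count=2, duration=300.0, src_bytes=900000, dst_bytes=0)}
    return {name: classify(fl, forest) for name, fl in flows.items()}

if __name__ == "__main__":
    print(demo())
```

Because the forest never saw the outlier during training, its score tops out well below 1, which is why the cut-off sits only slightly above the 0.5 region where baseline traffic scores.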