
1 Introduction

Cloud computing is the latest computing technology, providing various services on demand and on a pay-per-use basis. The fundamental idea behind its evolution is the diversity of computing needs among users. Every user has their own needs and expectations about the services. To fulfil them, various features from the computing components, i.e. software, hardware and network, are required, and it is almost impossible to provide a distinct computing environment for every user. Client requirements are diverse, e.g. on-demand or premium services from the network, and software development organizations cannot purchase every development environment for their clients. Rapid technological advancement led to the evolution of the cloud computing environment, in which all the services can be provided to the client in a virtual environment. Cloud servers created and maintained by large computing firms provide the numerous services required by users. Cloud services fall into three broad categories. The first is Software as a Service (SaaS), which provides various applications to users; the second is Infrastructure as a Service (IaaS), which provides various infrastructure environments; and the last is Platform as a Service (PaaS), which deals with platforms such as operating systems [4, 5]. All these services are available on a pay-per-use and on-demand basis, which lets users obtain at minimum cost services that were impossible to get at an affordable price in the past. Users pay only for the time during which they use the services. Apart from this unique feature, cloud computing provides various other features such as availability, maintainability, scalability and interoperability.
Standalone users cannot achieve all these facilities in their local infrastructure, due to various unavoidable constraints, whereas cloud providers support them through dedicated services.

2 Common Attacks in Cloud

Cloud computing is the next generation technology, suitable for varied users with different resource and operating requirements [1]. Cloud platforms are attractive because they differ from traditional physical infrastructure in providing resources on demand, covering purchase, installation, configuration and deployment. Moreover, due to the openness of the cloud (i.e. the exposure of individuals' private data), there are various security issues in an architecture that spans both the Internet and intranets. Some of the major intrusions are described as follows:

Insider Attack: This attack is performed by insider cloud users, i.e. it enters the system through legitimate authorization. As the attack is performed by an insider, predicting it and gauging its lethality is very difficult. Users may try to breach the security of the cloud by gaining unauthorized access using their own credentials. Such attacks cover data tampering, deletion of critical assets and the spreading of falsified information to hamper the system. This is one of the most disastrous threats to the cloud, because once the internal security architecture is breached, the overall system can be compromised easily.

Flooding Attack: Flooding attacks are considered a major challenge to the stability of Internet services in the cloud computing environment. In this attack, the attacker floods the network with a huge volume of data packets to choke it. The packets may be ICMP, TCP, UDP, etc., sent only to flood the system and gain access to other resources [2]. The two major forms of flooding attack are DoS (Denial of Service) and DDoS (Distributed Denial of Service). Flooding a server with packets from one computer is called a denial of service attack, whereas the same process performed from many computers is called a distributed denial of service attack.

User to Root Access: In this attack, users having root access to the cloud system are compromised. The attacker can then perform administrator-level work, accessing root-level permissions and compromising user credentials [3]. It is not a single attack paradigm applied to the cloud system; user to root attacks also involve many techniques such as eavesdropping. The main motive behind this attack is to gain credentials that reach the root level of the cloud server, which can then be further compromised.

Port Scanning: Port scanning is the technique of scanning all ports of a system. Although checking each port and its status as open or closed can be done manually, various automated tools such as nmap, wireshark and tcpdump provide a detailed description of the port numbers associated with an IP address [3]. These tools are sometimes used to attack the cloud environment. Open ports that are not used by any specific service can serve as a back door, through which the attacker inserts malicious code to gain access to the network system.
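The flooding and port scanning patterns described above are what a network-level IDS looks for in aggregated flow data. The following is an added example, not code from the paper: it counts packets and distinct destination ports per source within a time window, distinguishes a single-source flood (DoS) from a distributed one where no single source is loud enough (DDoS), and flags a source that probes many ports. The flow records, thresholds and window size are constructed assumptions; a deployment would tune the thresholds against its own baseline traffic.

```python
"""Threshold-based detection of flooding (DoS, DDoS) and port scanning.

Added example, not code from the surveyed paper.  The flow records below are
constructed for illustration; the thresholds and window size are assumptions
that a deployment would tune against its own baseline traffic.
"""
from collections import defaultdict

WINDOW_S = 10            # aggregation window in seconds (assumed)
FLOOD_THRESHOLD = 200    # packets from one source to one host per window (assumed)
DDOS_THRESHOLD = 200     # packets to one host per window from many sources (assumed)
DDOS_MIN_SOURCES = 10    # distinct sources needed to call it distributed (assumed)
SCAN_THRESHOLD = 15      # distinct destination ports probed per window (assumed)

# Constructed flow records: (timestamp_s, src_ip, dst_ip, dst_port, protocol)
FLOWS = [
    (0, "10.0.0.5", "10.0.1.10", 443, "TCP"),
    (1, "10.0.0.5", "10.0.1.10", 443, "TCP"),
    (2, "10.0.0.6", "10.0.1.10", 80, "TCP"),
    # one source touching many distinct ports on one host: port scan pattern
    *[(3, "10.0.0.9", "10.0.1.10", p, "TCP") for p in range(20, 45)],
    # one source sending a burst of UDP datagrams to one port: single-source DoS
    *([(4, "10.0.0.7", "10.0.1.10", 53, "UDP")] * 500),
    # twelve sources each sending a modest burst to another host: DDoS pattern
    *[(5, f"198.51.100.{i}", "10.0.1.11", 53, "UDP") for i in range(12) for _ in range(30)],
]

def detect(flows, window_s=WINDOW_S):
    """Return a sorted list of (alert_type, key, window) tuples.

    key is the offending source for 'flood' and 'portscan', and the targeted
    host for 'ddos', where no single source crosses the per-source threshold."""
    per_src_dst = defaultdict(int)        # (src, dst, window) -> packets
    per_dst = defaultdict(int)            # (dst, window) -> packets
    sources = defaultdict(set)            # (dst, window) -> distinct sources
    ports = defaultdict(set)              # (src, dst, window) -> distinct dst ports
    for ts, src, dst, dport, _proto in flows:
        w = ts // window_s
        per_src_dst[(src, dst, w)] += 1
        per_dst[(dst, w)] += 1
        sources[(dst, w)].add(src)
        ports[(src, dst, w)].add(dport)

    alerts = set()
    for (src, dst, w), n in per_src_dst.items():
        if n >= FLOOD_THRESHOLD:
            alerts.add(("flood", src, w))
        if len(ports[(src, dst, w)]) >= SCAN_THRESHOLD:
            alerts.add(("portscan", src, w))
    for (dst, w), n in per_dst.items():
        # distributed case: volume crosses the threshold but no single source does
        if n >= DDOS_THRESHOLD and len(sources[(dst, w)]) >= DDOS_MIN_SOURCES:
            if not any(per_src_dst[(s, dst, w)] >= FLOOD_THRESHOLD for s in sources[(dst, w)]):
                alerts.add(("ddos", dst, w))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in detect(FLOWS):
        print(alert)
```

The two legitimate sources in the sample never trip any threshold, which is the property to check when tuning: the window and thresholds must sit above the busiest legitimate client seen during a baseline period, or the detector becomes its own flood of false alarms.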

Attacks on Virtual Machine (VM) or Hypervisor: The cloud environment is completely based on a virtual architecture, virtualizing both internal and external environments. A virtual machine is a dedicated machine that works virtually on behalf of a real environment. The most popular technique for clubbing and splitting VMs is based on a hypervisor, a virtual machine manager that allows multiple operating systems to run on a single host system at the same time. Various known attacks try to compromise either the VMs or the hypervisor to completely choke the system. The attacker always targets the middle layer that works between the upper and lower layers of the VM stack; if any one of these three layers is compromised, the whole system can be compromised very easily.

Apart from the attacks discussed above, there are various other attacks that lead to severe security problems. The common solution is firewall implementation. However, it does not solve the problems entirely, which forces the implementation of an intrusion detection system (IDS) or sometimes an intrusion detection and prevention system (IDPS). We first look at the features of firewalls and the various firewalls that can be implemented, and then at the various IDPSs and their comparison in the cloud environment [7].

3 Firewall

A firewall comprises a set of rules that acts as the first line of defence in the system. It protects the system by filtering all incoming and outgoing requests. However, it is completely static in nature, working on the pre-defined rules of the network. It is unable to protect the system when requests are evasive in nature, and here IDPSs play a crucial role [8, 9]. Some of the major firewall techniques used in the cloud environment are Static Packet Filtering Firewalls, Stateful Packet Filtering Firewalls, Stateful Inspection Firewalls and Proxy Firewalls [10].
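The difference between the static and stateful packet filters named above is easiest to see on a concrete packet sequence. The following is an added example, not code from the paper or from any firewall product: a first-match static rule set is compared with a small connection-tracking filter. Rules, addresses and packets are constructed. The point it demonstrates is the one the text makes about static rules: to let replies to outbound sessions back in, a stateless filter has to open the whole ephemeral port range, and thereby admits unsolicited inbound packets too, whereas the stateful filter admits only packets that match a connection it saw initiated.

```python
"""Static (stateless) packet filtering versus stateful filtering.

Added example, not from the surveyed paper.  Rules, addresses and the packet
sequence are constructed; the point is how a static rule set that must admit
replies to outbound connections ends up admitting unsolicited traffic too.
"""
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    syn: bool = False
    ack: bool = False

# Static rules, first match wins: (direction, proto, dst_port, action).
# A stateless filter cannot tell a reply from a fresh inbound connection, so to
# let replies to outbound sessions through it must open the ephemeral range.
STATIC_RULES = [
    ("out", "TCP", None, "allow"),          # any outbound TCP
    ("in", "TCP", 443, "allow"),            # inbound to the published service
    ("in", "TCP", "ephemeral", "allow"),    # replies to outbound sessions
    ("in", None, None, "deny"),
]

def static_filter(pkt, direction, rules=STATIC_RULES):
    for rdir, rproto, rport, action in rules:
        if rdir != direction:
            continue
        if rproto is not None and rproto != pkt.proto:
            continue
        if rport == "ephemeral":
            if not 1024 <= pkt.dport <= 65535:
                continue
        elif rport is not None and rport != pkt.dport:
            continue
        return action
    return "deny"

class StatefulFilter:
    """Admits inbound packets only if they belong to a tracked outbound
    connection or open a connection to an explicitly published service."""

    def __init__(self, inbound_services):
        self.inbound_services = set(inbound_services)
        self.table = set()   # (local_ip, local_port, remote_ip, remote_port, proto)

    def filter(self, pkt, direction):
        if direction == "out":
            if pkt.syn and not pkt.ack:   # new outbound connection: remember it
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
            return "allow"
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        if key in self.table:             # reply to something we initiated
            return "allow"
        if pkt.proto == "TCP" and pkt.syn and not pkt.ack and pkt.dport in self.inbound_services:
            return "allow"
        return "deny"

def compare():
    """Run the same packets through both filters; returns {case: verdict}."""
    sf = StatefulFilter(inbound_services={443})
    out_syn = Packet("10.0.0.5", 40000, "203.0.113.8", 80, "TCP", syn=True)
    reply = Packet("203.0.113.8", 80, "10.0.0.5", 40000, "TCP", syn=True, ack=True)
    unsolicited = Packet("198.51.100.7", 4444, "10.0.0.5", 40001, "TCP", syn=True)
    to_service = Packet("198.51.100.7", 5555, "10.0.0.5", 443, "TCP", syn=True)
    results = {
        "reply_static": static_filter(reply, "in"),
        "unsolicited_static": static_filter(unsolicited, "in"),
        "service_static": static_filter(to_service, "in"),
    }
    sf.filter(out_syn, "out")
    results["reply_stateful"] = sf.filter(reply, "in")
    results["unsolicited_stateful"] = sf.filter(unsolicited, "in")
    results["service_stateful"] = sf.filter(to_service, "in")
    return results

if __name__ == "__main__":
    for case, verdict in compare().items():
        print(f"{case:22s} {verdict}")
```

Both filters admit the reply and the connection to the published service; only the stateful one rejects the unsolicited packet to a high port. Neither inspects payload, which is why an evasive but well-formed request still needs the IDS/IPS layer discussed next.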

Firewalls restrict security attacks to some extent but are not an overall solution. To sustain security against different types of attacks, an IDS or IPS can serve as a solution incorporated into the cloud. However, different parameters and techniques are required to improve the efficacy of an IDS/IPS in cloud computing. The parameters comprise the different techniques used in the IDS and its configuration within the network. Traditional IDS/IPS techniques such as signature based detection, anomaly detection and stateful protocol analysis can also be incorporated in the cloud. The next section covers the common IDS/IPS techniques.

4 Cloud Based IDS Techniques

4.1 Signature Based Detection

This technique incorporates signatures of various known attacks. The signatures are stored in the IDS database, and any incoming or outgoing request is matched against them. A request matching a signature is discarded immediately from the network, or other consequences may be applied, such as changing its contents or modifying its target. It is the best technique for known attacks but proves very ineffective against unknown attacks: any attack or security breach attempted by modifying the content cannot be detected by this technique. One of the key reasons for using signature-based detection is that its rules can be easily reconfigured. Reconfiguration of the rules is required to add signatures for previously unknown attacks. These signatures are helpful for inspecting network traffic [11].
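The weakness just described, that a request whose content has been modified slips past an exact signature, and the usual mitigation, normalizing traffic before matching, can be shown on a few request lines. The following is an added example, not code from the paper or from any IDS product: two constructed signatures (there is no real "ScannerBot" or "/beacon/checkin"; both are placeholders standing in for a known-bad string) are applied to request lines once raw and once after percent-decoding, lowercasing and slash collapsing.

```python
"""Signature matching with and without traffic normalization.

Added example, not from the surveyed paper.  The two signatures and the
request lines are constructed for illustration (there is no real
'ScannerBot' or '/beacon/checkin'); production rule sets such as Snort's
are far larger, but the matching logic is the same.
"""
import re
from urllib.parse import unquote

# Constructed signatures, written against the canonical (normalized) form
SIGNATURES = [
    ("constructed-scanner-user-agent", re.compile(r"user-agent:\s*scannerbot/", re.I)),
    ("constructed-beacon-path", re.compile(r"^get\s+/beacon/checkin\b", re.I)),
]

def normalize(request):
    """Canonicalize as an IDS preprocessor would: percent-decode (twice, to
    undo double encoding), lowercase, collapse repeated slashes.  Without this
    step a trivially re-encoded copy of a known request slips past the exact
    signature, which is the weakness the text describes."""
    s = unquote(unquote(request))
    s = s.lower()
    return re.sub(r"/+", "/", s)

def match(request, normalize_first=True):
    """Return the names of all signatures that fire on the request."""
    text = normalize(request) if normalize_first else request
    return [name for name, pat in SIGNATURES if pat.search(text)]

# Constructed request lines: a known form and re-encoded variants of it
SAMPLES = {
    "scanner_ua": "GET /index.html HTTP/1.1\r\nUser-Agent: ScannerBot/1.0",
    "beacon_plain": "GET /beacon/checkin HTTP/1.1",
    "beacon_pct_encoded": "GET /be%61con/checkin HTTP/1.1",
    "beacon_double_encoded": "GET /be%2561con/checkin HTTP/1.1",
    "beacon_doubled_slashes": "GET //beacon//checkin HTTP/1.1",
    "benign": "GET /beacons/list HTTP/1.1",
}

def evaluate(samples=SAMPLES):
    """For each sample: (signatures hit on raw text, signatures hit after normalization)."""
    return {k: (match(v, normalize_first=False), match(v)) for k, v in samples.items()}

if __name__ == "__main__":
    for name, (raw, norm) in evaluate().items():
        print(f"{name:24s} raw={raw} normalized={norm}")
```

The three re-encoded variants produce no hit on the raw text and a hit after normalization, while the benign request stays clean in both modes. Normalization widens what a signature covers but still only catches variants of a known string; a genuinely new attack remains invisible until a signature for it is added, which is the gap anomaly detection addresses.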

In the cloud, known attacks can easily be detected using the signature based intrusion detection technique. The technique is applied at the front end of the cloud to detect external intrusions, or at the back end to detect internal intrusions. If the signatures are not updated, it cannot detect unknown attacks in the cloud. Different signature based detection approaches, along with the methodology adopted and salient features, are shown in Table 1; all approaches in the table describe methodologies used to provide security in the cloud environment. Jia et al. [14] proposed an efficient revocable ID-based signature scheme executed on a cloud revocation server. In this approach, large prime numbers are used to provide greater security. Its main advantage is that it consumes less time in detecting unknown attacks than other traditional techniques. Arjunan et al. [15] proposed an enhanced intrusion detection approach for securing networks by incorporating a correlation module (CM) and a management module (MM); it is used for both anomaly based and signature based detection. Hamdi et al. proposed a cloud based signature learning service using inductive logic programming.

Table 1. Signature based detection approaches and their comparison

The results of this technique are better than those of the previous technique, as it automatically generates signatures for the SNORT IDS [16]. Table 1 shows different signature based detection approaches along with their methodologies and salient features.

4.2 Anomaly Detection

The anomaly detection technique tries to detect intrusions that deviate from the definition of normal behaviour. It uses various profiles to classify traffic as genuine or malicious activity.

All such profiles are stored in advance and dynamically updated based on usage and traffic patterns. Some known products based on this technique work very well in real life scenarios [12].

Apart from normal computing, it is also very useful in cloud computing. It involves collecting data on the behaviour of legitimate users over a training period, then applying various statistical tests to the observed behaviour to determine whether a user is genuine. It is very useful for unknown attacks whose definitions or specific signatures are not known in advance. The main idea behind this detection technique is to decrease the false alarm rate and to work well with both known and unknown attacks [13]. Anomaly detection techniques detect unknown and known attacks, which are segregated at different levels. In the cloud, anomaly based detection must cope with the large number of events that can occur (at network level or system level), which makes intrusion difficult to monitor or control [1].
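The training period, the per-user profile and the statistical test described above fit in a few functions. The following is an added example, not code from the paper: each user's requests-per-minute history from a constructed training period becomes a (mean, standard deviation) profile, a new observation is flagged when it lies more than three standard deviations from that user's own mean, and observations judged normal are folded back into the profile, which is the dynamic update mentioned earlier. The training data, the test events and the 3-sigma cutoff are constructed assumptions.

```python
"""Profile-based anomaly detection with a training period and statistical test.

Added example, not from the surveyed paper.  The per-user training
observations (requests per minute) and the test events are constructed;
the 3-sigma cutoff is an assumption that a deployment would tune against
its tolerated false-alarm rate.
"""
import statistics

# Constructed training period: requests per minute observed for legitimate users
TRAINING = {
    "alice": [12, 15, 11, 14, 13, 12, 16, 14, 13, 15],
    "bob":   [40, 45, 38, 42, 44, 41, 39, 43, 42, 40],
}

def build_profiles(training):
    """One profile per user: (mean, sample standard deviation) of the metric."""
    return {u: (statistics.mean(x), statistics.stdev(x)) for u, x in training.items()}

def z_score(value, mean, stdev):
    if stdev == 0:
        return 0.0 if value == mean else float("inf")
    return (value - mean) / stdev

def classify(profiles, user, value, cutoff=3.0):
    """Statistical test: flag the observation if it lies more than `cutoff`
    standard deviations from the user's own mean."""
    if user not in profiles:
        return "unknown-user"        # no profile: nothing to compare against
    mean, sd = profiles[user]
    return "anomalous" if abs(z_score(value, mean, sd)) > cutoff else "normal"

def update_profile(training, user, value):
    """Dynamic update: observations judged normal are folded back into the
    profile so it follows legitimate drift in usage."""
    training.setdefault(user, []).append(value)

def run_events(events, training=TRAINING, update=True):
    """Classify a sequence of (user, value) events; returns [(user, value, verdict)]."""
    training = {u: list(v) for u, v in training.items()}   # do not mutate the module data
    profiles = build_profiles(training)
    out = []
    for user, value in events:
        verdict = classify(profiles, user, value)
        out.append((user, value, verdict))
        if update and verdict == "normal":
            update_profile(training, user, value)
            profiles[user] = build_profiles({user: training[user]})[user]
    return out

if __name__ == "__main__":
    for row in run_events([("alice", 14), ("alice", 47), ("bob", 47), ("bob", 52), ("mallory", 5)]):
        print(row)
```

The same value, 47 requests per minute, is anomalous for alice and normal for bob, which is the point of per-user profiles rather than one global threshold. The update step is also where the technique is fragile: an attacker who raises activity slowly enough to stay inside the cutoff drags the profile along, so production systems bound how fast a profile may drift or freeze it during an investigation.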

The capability of soft computing to deal with uncertain and partially true data makes it a very useful technique in intrusion detection. Various techniques from this field, such as Fuzzy Logic, Association Rule Mining, Artificial Neural Networks (ANN), Genetic Algorithms (GA) and Support Vector Machines (SVM), can be incorporated to improve the detection accuracy and efficiency of both anomaly based and signature based IDS. Sunita et al. [19] use k-learning classification over the cloud to improve the detection accuracy of anomaly based IDS. It uses a Bayesian classifier, which converges quicker than other discriminative models and requires less model training time.

Suaad et al. [20] proposed a unique model for detecting anomalies in IaaS environments by monitoring the VMs in the cloud system. Their detection system proved more successful in classifying normal and anomalous behaviour than other cloud-based approaches. Pan et al. [22] give a clear categorization of several different attacks that was absent in much of the past research; in addition, they further segregate the attacks and prevent misclassification of attack vectors. Different anomaly based detection approaches are shown in Table 2, which compares the methodologies of all the anomaly based detection approaches along with their salient features.

Table 2. Anomaly based detection approaches and their comparison

4.3 Artificial Neural Networks (ANN) Based IDS

ANNs generalize from incomplete data to classify behaviour as normal or intrusive for the intrusion detection classifier. The types of ANN used in IDS are: Back Propagation (BP), Multi-Layer Feed-Forward (MLFF) nets and Multi-Layer Perceptron (MLP). The Distributed Time Delay Neural Network (DTDNN) has been claimed as the best detection technique in this category so far. It has the capability of classifying data with fast convergence rates and proves to be a very simple and efficient solution. Its accuracy can be improved by combining it with various other soft computing techniques.

ANN based IDS solutions prove better than other techniques for network data that is unstructured in nature. The accuracy of intrusion detection with these techniques depends completely on the training profile and the hidden layers. Gupta et al. [23] proposed an efficient triggering mechanism that uses an ANN and the ITM model to detect intrusions over the cloud. It gives better results than other triggering mechanisms in the cloud environment; however, their system lacks the capability of attack categorization. ANN based detection approaches and their comparison are shown in Table 3. Li et al. [24] proposed a distributed IDS for cloud platforms that performed better than the ITM model when it comes to detecting new kinds of attack vectors.

Table 3. ANN based detection approaches and their comparison

4.4 Fuzzy Logic Based IDS

Fuzzy logic based IDS (FIDS) are used for detecting and inspecting network traffic related to SYN and UDP floods, Ping of Death, E-mail Bomb, FTP/Telnet password guessing and port scanning. Some evolving techniques under Fuzzy Neural Networks (FuNN) combine both supervised and unsupervised learning [1]. EFuNN has better accuracy in intrusion detection than normal ANN techniques, and the experimental results shown in [1] prove this accuracy. Real-time intrusions can also be detected by involving the association rules of a fuzzy system; the experiments generate two result sets that are mined online from training data. It is very suitable for large-scale DoS or DDoS attacks. Alqahtani et al. [26] examined a popular IDS framework with different classifiers against each other to identify the most effective classifier for detecting various attacks. Their results show that the Suricata IDS, when used with a decision-based classifier, gives the highest accuracy among the classification mechanisms. Mary et al. [27] used fuzzy logic control for building a multi-layer trust security model, which unlike previous fuzzy based systems is capable of faster classification with a higher degree of accuracy. Fuzzy based detection approaches and their comparison are shown in Table 4.
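What makes a fuzzy IDS different from the threshold detector is that the SYN rate is not compared against one hard cutoff but given partial membership in linguistic sets, and a small rule base combines several such measurements into a graded suspicion score. The following is an added example, not code from the paper or from any FIDS described in it: trapezoidal membership functions for SYN rate and half-open ratio, five Mamdani-style rules with min for AND, and weighted-average defuzzification. The set breakpoints, rule base and output levels are constructed assumptions; a real FIDS derives them from training traffic or expert tuning.

```python
"""Fuzzy inference over flow statistics to score SYN-flood suspicion.

Added example, not from the surveyed paper.  The linguistic sets, their
breakpoints and the rule base are constructed assumptions; a real FIDS
would derive them from training traffic or expert tuning.
"""

def trapezoid(x, a, b, c, d):
    """Trapezoidal membership: 0 below a, rising to 1 at b, 1 until c, falling to 0 at d."""
    if x <= a or x >= d:
        return 0.0
    if b <= x <= c:
        return 1.0
    if x < b:
        return (x - a) / (b - a)
    return (d - x) / (d - c)

def syn_rate_sets(rate):
    """Memberships of a SYN-per-second rate in the constructed sets low/medium/high."""
    return {
        "low": trapezoid(rate, -1, 0, 50, 200),
        "medium": trapezoid(rate, 100, 300, 600, 1000),
        "high": trapezoid(rate, 600, 2000, 1e9, 1e9 + 1),
    }

def halfopen_ratio_sets(ratio):
    """Memberships of the share of SYNs that never complete the handshake."""
    return {
        "low": trapezoid(ratio, -1, 0, 0.2, 0.5),
        "high": trapezoid(ratio, 0.3, 0.7, 1.0, 1.1),
    }

# Output singletons for the threat level (constructed)
THREAT = {"low": 0.1, "medium": 0.5, "high": 0.9}

# Rule base: (rate set, ratio set or None, threat).  None means 'any ratio'.
RULES = [
    ("high", "high", "high"),
    ("medium", "high", "high"),
    ("medium", "low", "medium"),
    ("high", "low", "medium"),
    ("low", None, "low"),
]

def suspicion(syn_rate, halfopen_ratio):
    """Mamdani-style inference with min for AND and weighted-average defuzzification.
    Returns a threat score in [0.1, 0.9]; the caller compares it with an alert cutoff."""
    r = syn_rate_sets(syn_rate)
    h = halfopen_ratio_sets(halfopen_ratio)
    num = den = 0.0
    for rate_set, ratio_set, threat in RULES:
        strength = r[rate_set] if ratio_set is None else min(r[rate_set], h[ratio_set])
        num += strength * THREAT[threat]
        den += strength
    return num / den if den else 0.0

if __name__ == "__main__":
    for rate, ratio in [(10, 0.05), (150, 0.1), (3000, 0.9)]:
        print(rate, ratio, round(suspicion(rate, ratio), 3))
```

A rate of 150 SYN/s sits partly in "low" and partly in "medium", so the score lands between the two output levels instead of flipping from 0 to 1 at a boundary; this is the property that lets a fuzzy detector rank borderline traffic for an analyst rather than alerting on every threshold crossing.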

Table 4. Fuzzy based detection approaches and their comparison

4.5 Association Rule Based IDS

Various intrusions are formed from known attacks or variants of them. The Apriori algorithm is used to determine the signatures of such attacks, and through frequent item sets it is also capable of determining and detecting their variants. The data mining technique used in network based intrusion detection with a signature-based algorithm generates signatures for misuse detection.

However, the drawback of the proposed algorithm is its time consumption, which is considerable for generating signatures. The scanning reduction algorithm solves this problem by reducing the number of database scans needed to effectively generate signatures from previously known attacks. However, very high false positive rates occur due to unwanted and unknown patterns.
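The two paragraphs above describe the mechanism only in outline, so the following added example (not code from the paper) carries it through: Apriori is run over a small set of attack-labelled connection records represented as sets of feature=value tokens, the maximal frequent itemsets become candidate misuse signatures, rule confidence is computed from the mined supports, and the number of full passes over the record database is counted, since that is the cost the scanning reduction algorithm targets. The records and the support threshold are constructed assumptions.

```python
"""Apriori frequent-itemset mining to derive misuse signatures from attack records.

Added example, not from the surveyed paper.  The connection records are
constructed (each record is the set of feature=value tokens describing one
connection); the support and confidence thresholds are assumptions.
"""
from itertools import combinations

# Constructed records labelled as attacks, e.g. from a prior labelled capture
ATTACK_RECORDS = [
    {"proto=tcp", "flag=S0", "dst_port=80", "src_bytes=0", "count>100"},
    {"proto=tcp", "flag=S0", "dst_port=80", "src_bytes=0", "count>100"},
    {"proto=tcp", "flag=S0", "dst_port=443", "src_bytes=0", "count>100"},
    {"proto=tcp", "flag=S0", "dst_port=80", "src_bytes=0"},
    {"proto=udp", "flag=SF", "dst_port=53", "src_bytes>1000", "count>100"},
    {"proto=udp", "flag=SF", "dst_port=53", "src_bytes>1000", "count>100"},
]

def apriori(records, min_support):
    """Return (frequent, scans): frequent maps each frequent itemset to its
    support, scans counts full passes over the record database, which is the
    cost the scanning-reduction algorithm mentioned in the text reduces."""
    n = len(records)
    scans = 1
    counts = {}
    for r in records:                      # pass 1: count single items
        for item in r:
            key = frozenset([item])
            counts[key] = counts.get(key, 0) + 1
    current = {s: c / n for s, c in counts.items() if c / n >= min_support}
    frequent = dict(current)
    k = 2
    while current:
        # candidate k-itemsets: joins of frequent (k-1)-itemsets whose every
        # (k-1)-subset is itself frequent (the Apriori pruning property)
        candidates = set()
        for a, b in combinations(current, 2):
            u = a | b
            if len(u) == k and all(frozenset(sub) in current for sub in combinations(u, k - 1)):
                candidates.add(u)
        if not candidates:
            break
        scans += 1                         # one more pass to count candidates
        counts = {c: sum(1 for r in records if c <= r) for c in candidates}
        current = {c: v / n for c, v in counts.items() if v / n >= min_support}
        frequent.update(current)
        k += 1
    return frequent, scans

def maximal_itemsets(frequent):
    """Frequent itemsets with no frequent proper superset: the candidate signatures."""
    return {s for s in frequent if not any(s < t for t in frequent)}

def confidence(frequent, antecedent, consequent):
    """Confidence of the rule antecedent -> consequent, from mined supports."""
    a = frozenset(antecedent)
    ab = a | frozenset(consequent)
    if a not in frequent or ab not in frequent:
        return 0.0
    return frequent[ab] / frequent[a]

def matches(signature, record):
    """A record matches a signature when it carries every token of the signature."""
    return signature <= record

def mine_signatures(records=ATTACK_RECORDS, min_support=0.5):
    frequent, _ = apriori(records, min_support)
    return maximal_itemsets(frequent)

if __name__ == "__main__":
    frequent, scans = apriori(ATTACK_RECORDS, 0.5)
    print("database scans:", scans)
    for sig in mine_signatures():
        print("signature:", sorted(sig), "support", round(frequent[sig], 3))
```

With a support threshold of 0.5 the run takes four passes over the six records and yields two signatures, both built around half-open TCP connections with no payload; the two UDP records never reach the threshold, so their pattern is missed entirely. That is the trade-off the text points at: a lower threshold recovers rarer attack variants but mines more spurious itemsets, which is where the high false positive rate comes from.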

4.6 Support Vector Machine Based IDS

SVM is better than other artificial intelligence techniques used with IDS, and various experiments show its efficiency over other techniques. It uses limited sample data to detect intrusions, and its accuracy is not affected by the dimensionality of the data. Its false positive rate is also much lower than that of other techniques, as experimented in [6].

This is because various other techniques require a large sample dataset, whereas SVM works on a limited one. SVM works on binary data, so for better accuracy it can be combined with other techniques that improve its detection accuracy. SVM has been combined with SNORT and some basic firewall rule sets, yielding a new and effective technique for intrusion detection.

The SVM classifier is also used with SNORT to reduce the false alarm rate and improve the accuracy of an IPS. SVM based IDS techniques can prove the best techniques for intrusion detection in the cloud, enhancing its current features and extending its security level considerably. Raneel et al. [28] proposed a study similar to [19] for the protection of VMs in Infrastructure-as-a-Service (IaaS) environments, but using SVM classifiers. They presented a thorough study of different classes of DoS attacks and were capable of detecting these attacks on cloud platforms. Mukkavilli et al. [29] proposed a theoretical model for detecting anomalous changes in network traffic using supervised machine learning and an SCM classifier over the cloud environment; their system is susceptible to higher false positive rates. Raja et al. [30] proposed a novel approach using Principal Component Analysis (PCA) for detecting attack vectors on cloud platforms. Their approach gives better results than most conventional SVM based classifiers and decreases the overall analysis time. Different SVM based detection approaches and their comparison are shown in Table 5.

Table 5. SVM based detection approaches and their comparison

4.7 Genetic Algorithm Based IDS

Genetic Algorithms (GA) use confidence based fitness functions for intrusion detection, which classify the network in a very efficient manner. These values can also be determined and used for profile generation. GAs are very useful where intrusion behaviours are very dynamic in nature. They can be combined with other, resource-intensive techniques and prioritize the overall performance of the system. They use a training period and determine the fitness value based on the trained profiles. GA can also be integrated with other such techniques for better results in cloud technology.

This feature is more important than in any other technique involved in intrusion detection. It is also suitable in scenarios where mutual authentication among cloud users is needed. Most genetic algorithms use techniques derived from biological concepts such as mutation, inheritance, crossover and selection. Fan, Yu et al. [31] proposed a cloud-based platform called T-DNA Tagged Rice Service Information System (TTRSIS) for research based on rice genomics using the Genome Annotation System (GAAS). Their system helps researchers and scientists query genes stored 21 Kb downstream or upstream of T-DNA addition sites. Kannan et al. [32] proposed a novel mechanism that uses genetics based feature selection and an SVM based classifier, which improves classification accuracy compared to other techniques by selecting only important features. The running time is reduced by removing unnecessary features with the help of the feature selection module. The proposed system has a higher detection rate and a reduced false alarm rate. Yin et al. [33] proposed a novel classification mechanism for imbalanced class datasets that shows higher accuracy compared to other conventional algorithms. Different genetics based detection approaches and their comparison are shown in Table 6.

Table 6. Genetics based detection approaches and their comparison

4.8 Hybrid Techniques

Hybrid techniques combine various such technologies for a better result in intrusion detection; this kind of technology contains flavours of the other techniques. NeGPAIM is based on a hybrid technique combining two low level components, fuzzy logic for misuse detection and neural networks for anomaly detection, with one high level component, a central engine that analyzes the outcome of the two low level components. It is an effective model and does not require dynamic updating of rules. It is more suitable for integration with soft computing techniques, whether traditional ones or those focused on intrusion detection.

Like every technique, this one also has pros and cons. Some of its limitations are mainly oriented towards training profiles, period and rules. The lead role in this technique belongs to the algorithm, which makes it stand clear from other techniques. Justin et al. [34] proposed a hybrid IDS model that uses an SVM classifier for highly accurate results and anomaly-based detection for detecting DoS attacks in Mobile Ad-Hoc Networks (MANETs). The analytical study of all techniques is shown in tabular form in Table 7. The table compares the different detection techniques on salient features such as IDS type, positioning, detection time, data source and attacks covered. Each detection technique has a different positioning, detection time, data source and set of attacks that affect the cloud-computing environment, because network traffic, signatures, servers and cloud regions differ for each detection technique.

Table 7. Analysis of intrusion detection techniques in cloud computing

5 Conclusion

In this paper, different types of intrusion detection systems useful in the cloud-computing environment have been shown. In the first section, we discussed different attacks on cloud platforms such as insider attacks, flooding attacks, port scanning and attacks on VMs. After that a short description of firewalls was given, and then we described different cloud based IDS techniques. The paper also covers different research works in tabular form that help in understanding the cloud-computing scenario efficiently. Furthermore, the analysis of different IDS techniques such as signature based, anomaly based, ANN based and genetic based detection has been shown. The confidentiality, integrity and availability of data in the cloud that are affected by intrusions are also presented here. Finally, the analytical study of all cloud based IDS techniques is done on the basis of salient features such as IDS type, positioning, detection time, data source and attacks covered. Each detection technique has a different positioning, detection time, data source and set of attacks that affect the cloud computing environment, because network traffic, signatures, server positioning and cloud regions differ for each technique. With this analytical study, we presented a detailed analysis of how different IDS techniques have been used on cloud platforms and how an IDS can be better selected based on requirements.