Security Attacks Detection in Cloud using Machine Learning Algorithms

International Research Journal of Engineering and Technology (IRJET), e-ISSN: 2395-0056, p-ISSN: 2395-0072
Volume: 06 Issue: 02 | Feb 2019
© 2019, IRJET | Impact Factor value: 7.211 | ISO 9001:2008 Certified Journal | Page 223

Dhivya R¹, Dharshana R², Divya V³

¹ Associate Professor, Dept. of Computer Science and Engineering, KPRIET, Tamilnadu, India
²,³ Student, Dept. of Computer Science and Engineering, KPRIET, Tamilnadu, India

Abstract - Cloud computing is an evolving technology that provides reliable and scalable on-demand resources and different services to users with less infrastructure cost. Although the cloud has many advantages, it also has drawbacks such as vulnerability to attacks, network connectivity dependency, downtime, vendor lock-in, and limited control. Of these disadvantages, security attacks are the main drawback in the cloud. There are various security attacks, such as the Denial-of-service (DoS) attack, Malware injection attack, Side channel attack, Man-in-the-middle attack, and Authentication attack. To detect these attacks in the cloud, machine learning algorithms such as Support vector machine (SVM), Naive Bayes, Decision tree, Logistic regression, and Ensemble methods can be used. In this paper, we focus mainly on the various security attacks in the cloud and the machine learning algorithms used for detecting them.

Key Words: Security attacks, Machine learning algorithms, Detection.

1. INTRODUCTION

The cloud is a booming technology in the computer sector. It refers to accessing information technology and software applications through an internet connection.
Software as a service (SaaS), Platform as a service (PaaS) and Infrastructure as a service (IaaS) together form the cloud. These are the three types of services provided by cloud computing. The services are hosted at the data centre by the cloud service providers so that organizations or individual users can use them through a network connection. The cloud service providers are the companies that offer different services in the cloud. The major cloud service providers include AWS, Salesforce, Cisco, Apple, Google, IBM (SoftLayer), Oracle, Microsoft (Azure), SAP, Rackspace, and Verizon (which acquired Terremark). However, Salesforce and Apple are interested in providing their own applications rather than hosting applications for others. Companies like Google, IBM, Microsoft and SAP provide all three cloud services, while the other companies provide either one or two of them.

One of the disadvantages of cloud computing is security attacks. This drawback is due to data being stored in different geographical areas in cloud computing.

Fig. 1

The above chart describes the various security threats in public clouds as per the cloud security report provided by cloud security insiders. According to the chart, misconfiguration of the cloud platform is about 62%, unauthorized access is about 55%, insecure interfaces/APIs is about 50%, and hijacking of accounts, services or traffic is about 47%.

In Section 2, we discuss different types of attacks on the cloud, such as denial of service, malware injection attack, side channel attack, authentication attack, and man-in-the-middle attack.
Section 3 describes various machine learning algorithms used to detect security attacks, like naive Bayes, support vector machine (SVM), K-means clustering, fuzzy logic, decision tree, and genetic algorithm.

2. ATTACKS ON CLOUD

The cloud encounters many security attacks due to its disadvantages. The various cloud attacks, namely the Denial of service attack, Malware injection attack, Side channel attack, Man-in-the-middle attack and Authentication attack, are discussed below. The attacks may happen at different parts of the cloud, such as the data storage, during a transaction, and during resource utilization and sharing. The loss caused by an attack can range from low to high depending on the type of attack. The reason for attacks on the cloud is the huge increase in the use of cloud services.

Fig. 2 Attacks on cloud

2.1 Denial of service attack

In a denial of service attack, the targeted cloud system is overloaded with service requests from the attacker, which stops it from responding to new incoming requests and to its users. According to some of the cloud security alliance, the cloud is very much vulnerable to this DoS attack. The denial of service attack can be categorized into the DoS attack and the DDoS (Distributed denial of service) attack. An attack carried out using a single system and a single network is known as a DoS attack. An attack carried out using multiple systems and multiple networks is known as a Distributed denial of service (DDoS) attack. The different types of DDoS attacks are volume-based attacks, protocol attacks, and application layer attacks.

2.2 Malware injection attack

In a malware injection attack, the attacker injects a malicious service or a malicious virtual machine into the victim system. Here the attacker creates its own malicious virtual machine or malicious service module and tries to add it to the cloud system. The attacker must then behave so as to make the cloud system believe that it is a valid service.
If the attacker succeeds, the cloud automatically redirects all the requests to this malicious service. The attacker can now access the service requests of the victim services.

2.3 Side channel attack

The attacker tries to compromise the cloud system by placing a malicious virtual machine close to the target cloud system and then launches the side channel attack. These channels are created in the software implementation of cryptographic algorithms. Its impact may be greater than that of other attacks, as it attempts to retrieve secret data without any special privileged access and in a non-exhaustive manner. There are different categories of side channel attack, such as Timing attacks, Cache attacks, Electromagnetic attacks, and Power-monitoring attacks. Electromagnetic attacks and power-monitoring attacks are mostly applicable to physical devices such as smart cards. Cache attacks and timing attacks are mainly applicable to cloud computing.

2.4 Authentication attack

The authentication attack mainly focuses on the authentication part of the cloud services. The primary authentication in most services is the username and password, which is a type of knowledge-based authentication. Secondary authentication, such as shared secret questions, site keys and virtual keyboards, is used by security-conscious organizations like financial companies. Some of the authentication attacks are Brute Force Attacks, Dictionary Attacks, Shoulder Surfing, Replay Attacks, Phishing Attacks, and Key Loggers.

a) Brute force attack: This attack is like a trial and error method; all possible combinations of the password are tried in order to break the password.
b) Keyloggers: A keylogger is a software program that monitors the actions of the user by recording each and every key pressed by the user.
c) Phishing attack: In this attack, the attacker redirects the user to fake websites to get the passwords and PIN codes of the user. It is a kind of web-based attack.

2.5 Man-in-the-middle attack

In a man-in-the-middle attack, the attacker intercepts the message in the public key exchange and retransmits it, substituting its own public key for the requested one, but the two original parties are still communicating normally. The sender does not know that the messages he sends are received by an attacker, who can access the data and modify the message before retransmitting it to the receiver. Some of the man-in-the-middle attacks are Address Resolution Protocol Communication (ARP), ARP Cache Poisoning, DNS Spoofing, and Session Hijacking.

3. A MACHINE LEARNING ALGORITHM FOR DETECTION

Machine learning algorithms allow software applications to produce accurate predictions without being explicitly programmed. Machine learning algorithms can be divided into classification algorithms and clustering algorithms. Some of the classification algorithms are Naïve Bayes, support vector machine (SVM), decision tree, logistic regression, and ensemble methods. In this paper, we are going to use the classification algorithms.

3.1 Naïve Bayes

Naive Bayes relies on the Bayesian technique to perform classification. It is one of the simplest and most straightforward procedures for building classifier models that assign class labels to problem instances, represented as vectors of feature values, where the class labels are drawn from some finite set. The use of hidden Naive Bayes (HNB) gives more accurate results than the traditional naive Bayes model. HNB can be applied to intrusion detection problems that suffer from dimensionality, highly correlated features and high network data stream volumes.
DoS attacks are detected using 3 techniques: Multilayer perceptron (MLP), Naive Bayes and Random forest. MLP showed the highest accuracy rate, 98.63%, compared with the other techniques. One model used a naive Bayes classifier with the K2 learning process on a reduced NSL KDD dataset for each attack class. In the proposed model, each layer is trained to detect a single type of attack. The result of one layer is passed on to the next layer to increase the detection rate. It detects attacks that happen in uncertain situations.

3.2 Support Vector Machine (SVM)

SVM is used in classification and regression. Classification can be viewed as the task of separating classes in feature space. SVM became famous when, using images as input, it gave good accuracy. Currently, SVM is used in object detection and recognition, content-based image retrieval, text recognition, biometrics, speech recognition, etc. SVM is a practical learning method based on statistical learning theory. Construct a hyperplane in the decision surface in such a way that the margin of separation between positive and negative. The goal of SVM is to find the particular hyperplane for which the margin is maximized. The particular data point for which the first or second line of the equation is satisfied with the equality sign is called a support vector.

3.3 Decision Tree

The decision tree algorithm is a classification-based machine learning algorithm. A decision tree is a flow-chart-like hierarchical tree structure which is composed of three basic elements: decision nodes corresponding to attributes, edges or branches which correspond to the different possible attribute values.
The third component is leaves, which include objects that typically belong to the same class or that are very similar. Tree induction algorithms like ID3 and C4.5 create decision trees, taking only one attribute at a time. The decision tree nodes are created by choosing an attribute from the feature space of the dataset that brings maximum information gain by splitting the data on its distinct values. After the split, the information gain is calculated as the difference between the entropy of the initial dataset and the sum of the entropies of each of the subsets.

3.4 Logistic Regression

Logistic regression is a commonly used tool for discrete data analysis. It uses an equation as the representation. Logistic regression is used for predicting the probabilities of the various classes, given a group of independent variables. It makes use of a linear equation with independent predictors for predicting a value. The predicted value can be anywhere from negative infinity to positive infinity. We can squash the output of the linear equation into the range [0,1]. For squashing the predicted value to between 0 and 1, we make use of the sigmoid function. It provides a solution for the classification problem that assumes that a linear combination of the observed features can be used to determine the probability of each particular outcome of the dependent variable.

3.5 Ensemble Method

Ensemble methods are learning algorithms that construct a group of classifiers and then classify new data points by using the weighted vote of their predictions. The original ensemble method is Bayesian averaging, but recent algorithms include error-correcting output coding, bagging and boosting. The various types of ensemble methods are Bootstrap AGGregating and Random Forest Models.

1. Bootstrap AGGregating

The name BAGGing is given because it combines Bootstrapping and Aggregation to form one ensemble model.
When a sample of data is given, many bootstrapped subsamples are taken from the sample. On each bootstrapped sample a decision tree is formed. After the decision trees for the subsamples are formed, an algorithm is used to aggregate over the decision trees to form the most efficient predictor.

2. Random Forest Models

Random Forest models implement a level of differentiation because each tree is split based on different features. This level of differentiation provides a greater ensemble to aggregate over, ergo producing a more accurate predictor.

4. THE VARIOUS SECURITY ATTACKS DETECTION IN CLOUD BY OTHER AUTHORS ARE STUDIED BELOW

Paper Title: DDoS Attack Detection using Machine Learning Techniques in Cloud Computing Environments
Algorithm used: C4.5 algorithm and decision tree
Security attack: Denial of service attack
Advantages:
• The article discusses the objective of the denial-of-service attack and proposes a DDoS model using the C4.5 algorithm to mitigate the DDoS threat.
• In this model the algorithm is coupled with signature detection techniques, which generate the decision tree for detecting the DDoS attacks.
• It also discusses the three methodologies of intrusion detection and demonstrates the C4.5 model.
Limitations: The C4.5 algorithm alone cannot detect the DDoS attack; it must be coupled with the signature detection technique.

Paper Title: An Efficient Detection and Prevention of DDoS Attacks in Cloud Environment
Algorithm used: FireCol algorithm
Security attack: Distributed denial of service
Advantages:
• Proposes the detection and prevention of DDoS attacks in the cloud environment.
• The article says that the internet is the most popular technology and that cloud computing is internet-based computing.
• DDoS attacks are increasing in cloud computing due to the essential characteristics of the cloud. It addresses the problem of DDoS attacks and presents the theoretical foundation, architecture, and algorithms of FireCol.
• It discusses detection and prevention of the attack using the FireCol algorithm.
Limitations: In this paper the existing accuracy is better than the proposed accuracy.
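
Returning to the split criterion of Section 3.3: the following is an added example, not code from the paper or from the works it surveys, that computes information gain and grows a small ID3-style tree for labelling connections as normal or DoS. The records, attribute names and labels are constructed for illustration, and the subset entropies are weighted by subset size, as standard ID3 does.

```python
import math
from collections import Counter

# Constructed sample: connection records with invented attribute values and labels.
RECORDS = [
    {"protocol": "tcp",  "flag": "S0", "label": "dos"},
    {"protocol": "tcp",  "flag": "S0", "label": "dos"},
    {"protocol": "tcp",  "flag": "SF", "label": "normal"},
    {"protocol": "tcp",  "flag": "SF", "label": "normal"},
    {"protocol": "udp",  "flag": "SF", "label": "normal"},
    {"protocol": "udp",  "flag": "SF", "label": "normal"},
    {"protocol": "icmp", "flag": "SF", "label": "dos"},
    {"protocol": "tcp",  "flag": "S0", "label": "dos"},
]

def entropy(rows):
    """Shannon entropy (bits) of the class labels in rows."""
    n = len(rows)
    counts = Counter(r["label"] for r in rows)
    return sum(-(c / n) * math.log2(c / n) for c in counts.values())

def partition(rows, attr):
    parts = {}  # attribute value -> rows carrying that value
    for r in rows:
        parts.setdefault(r[attr], []).append(r)
    return parts

def information_gain(rows, attr):
    """Entropy before the split minus the size-weighted entropy of the subsets."""
    parts = partition(rows, attr).values()
    return entropy(rows) - sum(len(p) / len(rows) * entropy(p) for p in parts)

def build_tree(rows, attrs):
    """Recursively split on the attribute with maximum information gain."""
    labels = Counter(r["label"] for r in rows)
    majority = labels.most_common(1)[0][0]
    if len(labels) == 1 or not attrs:
        return majority  # leaf: pure subset, or no attributes left
    best = max(attrs, key=lambda a: information_gain(rows, a))
    rest = [a for a in attrs if a != best]
    kids = {v: build_tree(p, rest) for v, p in partition(rows, best).items()}
    return {"attr": best, "children": kids, "default": majority}

def classify(tree, record):
    """Walk the tree; unseen attribute values fall back to the node's majority label."""
    while isinstance(tree, dict):
        tree = tree["children"].get(record[tree["attr"]], tree["default"])
    return tree

TREE = build_tree(RECORDS, ["protocol", "flag"])
```

On this sample the connection flag gives a gain of about 0.549 bits against about 0.393 for the protocol, so the root splits on the flag and the protocol is only consulted for the mixed subset.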