klm-PPSA v. 1.1: machine learning-augmented profiling and preventing security attacks in cloud environments

Annals of Telecommunications

Abstract

Nowadays, cloud computing is one of the key enablers for productivity in different domains. However, this technology is still subject to security attacks. This article aims at overcoming the limitations of detecting unknown attacks by “intrusion detection and prevention systems (IDPSs)” while addressing the black-box issue (lack of interpretability) of the widely used machine learning (ML) models in cybersecurity. We propose a “klm-based profiling and preventing security attacks (klm-PPSA)” system (v. 1.1) to detect, profile, and prevent both known and unknown security attacks in cloud environments or even cloud-based IoT. This system is based on klm security factors related to passwords, biometrics, and keystroke techniques. Besides, two sub-schemes of the system were developed based on the updated and improved version of the klm-PPSA scheme (v. 1.1) to analyze the impact of these factors on the performance of the generated models (k-PPSA, km-PPSA, and klm-PPSA). The models were built using two accurate and interpretable ML algorithms: regularized class association rules (RCAR) and classification based on associations (CBA). The empirical results show that klm-PPSA is the best model compared to other models owing to its high performance and attack prediction capability using RCAR/CBA. In addition, RCAR performs better than CBA.

Availability of data and materials

The data presented herein are publicly available through the provided links.

Abbreviations

CAR: Class association rule
CBA: Classification based on associations
CC: Cloud computing
CPU: Central processing unit
DDoS: Distributed denial of service
DoS: Denial of service
EER: Equal error rate
IDSs: Intrusion detection systems
IDPSs: Intrusion detection and prevention systems
IoT: Internet of Things
IP: Internet protocol
IPSs: Intrusion prevention systems
PPSA: Profiling and preventing security attacks
klm-PPSA: klm-based PPSA
km-PPSA: km-based PPSA
k-PPSA: k-based PPSA
MAC: Media access control
ML: Machine learning
RCAR: Regularized class association rules
V./v.: Version

Funding

This research was funded by ENSEM’s LRI Lab. & Hassan II University of Casablanca and supported by the NEST Research Group.

Author information

Corresponding author

Correspondence to Essaid Sabir.

Ethics declarations

Consent for publication

All authors have read and agreed to the published version of the manuscript.

Conflict of interest

The authors declare no competing interests.

About this article

Cite this article

Eddermoug, N., Mansour, A., Sadik, M. et al. klm-PPSA v. 1.1: machine learning-augmented profiling and preventing security attacks in cloud environments. Ann. Telecommun. 78, 729–755 (2023). https://doi.org/10.1007/s12243-023-00971-w

  • DOI: https://doi.org/10.1007/s12243-023-00971-w
