A deep learning approach for proactive multi-cloud cooperative intrusion detection system

The last few years have witnessed the ability of cooperative cloud-based Intrusion Detection Systems (IDS) in detecting sophisticated and unknown attacks associated with the complex architecture of the Cloud. In a cooperative setting, an IDS can consult other IDSs about suspicious intrusions and make a decision using an aggregation algorithm. However, undesired delays arise from applying aggregation algorithms and also from waiting to receive feedback from consulted IDSs. These limitations render the decisions generated by existing cooperative IDS approaches ineffective in real-time, hence making them unsustainable. To face these challenges, we propose a machine learning-based cooperative IDS that efficiently exploits the historical feedback data to provide the ability of proactive decision making. Specifically, the proposed model is based on a Denoising Autoencoder (DA), which is used as a building block to construct a deep neural network. The power of DA lies in its ability to learn how to reconstruct IDSs’ feedback from partial feedback. This allows us to proactively make decisions about suspicious intrusions even in the absence of complete feedback from the IDSs. The proposed model was implemented in GPU-enabled TensorFlow and evaluated using a real-life dataset. Experimental results show that our model can achieve detection accuracy up to 95%.

Mots clés

intrusion detection systems; deep learning; cloud computing; security