Network Intrusion Detection System based PSO-SVM for Cloud Computing

Bibliographic Details
Published in International journal of computer network and information security Vol. 11; no. 3; pp. 22 - 29
Main Authors Sakr, Mahmoud M, Tawfeeq, Medhat A, El-Sisi, Ashraf B
Format Journal Article
Language English
Published Hong Kong Modern Education and Computer Science Press 08.03.2019
Summary: Cloud computing provides and delivers a pool of on-demand and configurable resources and services that are delivered across the usage of the internet. Providing privacy and security to protect cloud assets and resources is still a very challenging issue, since the distributed architecture of the cloud makes it vulnerable to intruders. To mitigate this issue, intrusion detection systems (IDSs) play an important role in detecting attacks in the cloud environment. In this paper, an anomaly-based network intrusion detection system (NIDS) is proposed which can monitor and analyze the network traffic flow that targets a cloud environment. The network administrator should be notified about the nature of this traffic to drop and block any intrusive network connections. Support vector machine (SVM) is employed as the classifier of the network connections. The binary-based Particle Swarm Optimization (BPSO) is adopted for selecting the most relevant network features, while the standard-based Particle Swarm Optimization (SPSO) is adopted for tuning the SVM control parameters. The benchmark NSL-KDD dataset is used as the network data source to build and evaluate the proposed system. Acceptable evaluation results state that the proposed system is characterized by detecting the intrusive network connections with high detection accuracy and low false alarm rates (FARs).
ISSN: 2074-9090, 2074-9104
DOI: 10.5815/ijcnis.2019.03.04