Recently, the usages of Cloud Computing are increasing rapidly and gained tremendous success over the internet. Therefore, security is the major challenge in Cloud computing and one of the major issues is to protect the Cloud resources and the services against network intrusions. So Network Intrusion Detection System (NIDS) are installed in the Cloud networks to detect the intrusions in the system. In this paper we proposed an NIDS based on Naïve Bayes Classifier to be implemented in Cloud. The main aim of the NIDS is to improve the performance by preparing the training dataset which can detect the malicious connections that exploit the Cloud HTTP services. In the training phase, the Naïve Bayes Classifiers select the important Network traffic that can be used to detect the attacks. In the testing and execution phases the proposed IDS using the Naïve Bayes Classifier classifies the services based on the selected features into normal or attacks. The proposed IDS carried out on NSL-KDD’99 dataset and results in high detection with low false alarm as compared with other similar IDS.

Cloud Computing; Cloud security;Network based Intrusion Detection System; Naïve Bayes Classifier

[1] Dewan F, Mohammad R, Chowdhury R. “Adaptive intrusion detection based on boosting and Naive Bayesian classifier”, International Journal of Computer Application 2011;24(3):12–9.
[2] Yang L. “The research of Bayesian classifier algorithms in intrusion detection system”, IEEE international conference on E-Business and E-Government, ICEE 2010. Guangzhou, China; May 2010. pp. 2174–8.
[3] Hari O, Aritra K. “A hybrid system for reducing the false alarm rate of anomaly intrusion detection system”, IEEE international conference on recent advances in information technology, RAIT 2012. Dhanbad, India; March 2012. pp. 131–6.
[4] Alexander T, Aleksey P, So Grigory. “Efficient computer network anomaly detection by change point detection methods”. IEEE J Sel Top Signal Process 2013,7(1):4–11.
[5] Sumaiya T, Aswani C. “An analysis of supervised tree based classifiers for intrusion detection system”, IEEE proceedings of the international conference on pattern recognition, informatics and mobile engineering, PRIME 2013. Salem, India; February 2013. pp. 294–9.
[6] Chirag M, Dhiren P.” Bayesian classifier and snort based network intrusion detection system in cloud computing”, The third IEEE international conference on computing communication & networking technologies, ICCCNT 2012. Coimbatore, India; July 2012. pp. 1–7.
[7] S. Roschke, C. Feng and C. Meinel,” An Extensible and Virtualization Compartible IDS Management Architecture,” Fifth International Conference on information Assurance and Security, vol, 2,2009, pp. 130-134.
[8] Wafa .AL-Sarafat, and Reyadh Naoum” Development of Genetic –based Machine Learning for Network Intrusion Detection “World Academy of Science, Engineering and Technology 55,2009.
[9] D. Nurmi, R. Wolski, C.Grzegorczyk, G. Obertelli, S. Soman, L. Youseff and D. Zagordnov. (2008) “Eucalyptus: A Technical Report on an Elastric Utility Computing Architecture Linking Your Programs to Useful Systems”, UCSB Computer Science Technical Report Number 2008-10.
[10] Nabil A, Soroush H, Ljiljana T. “Feature selection for classification of BGP anomalies using Bayesian models”, Proceedings of the international conference on machine learning and cybernetics. ICMLC 2012. Xian, Shaanxi, China; July 2012. pp. 140–7.
[11] Peng H, Fulmi L, Ding C. “Feature selection based on mutual information criteria of max-dependency, max-relevance, and minredundancy”, IEEE Trans Pattern Anal Mach Intell 2005;27(8):1226–38.
[12] Chandrasekhar M, Raghuveer K. Intrusion detection technique by using k-means, fuzzy neural network and SVM classifiers. In: IEEE international conference on computer communication and informatics. Coimbatore, India; January 2013. pp. 1–7.
[13] Mohamed M. Abd-Eldayem, “A proposed HTTP service based IDS”, Egyptian Informatics Journal (2014) 15, 13–24.
[14] The NSL-KDD data set http://nsl.cs.unb.ca/NSL-KDD/.