A lot of resources and computing facilities are afforded by Cloud computing through the Internet. It attracts many users with its advantageous features. Despite of this, Cloud system experience several security issues. Distributed Denial of Service (DDoS) attacks is the most dangerous attack in the cloud computing environment. Hence, it is important to develop an Intrusion Detection System (IDS) to detect the attacker with high detection accuracy in the cloud environment. This work proposes an anomaly detection system named Ant Agent Rule Based Multiclass Support Vector Machine (AA-RB-MSVM) Algorithm at the hypervisor layer which is a hybrid approach of various algorithms like Ant Colony Algorithm, Rule based Approach and Support Vector Machine Algorithms to progress the precision of the detection system. The DARPA’s KDD cup dataset 1999 is used for experiments. The proposed algorithm shows high detection accuracy and low false positive rate based on the experimental observation when compared with the existing algorithms.

DDoS attack, Resource Availability, Cloud Computing, Soft Computing

[1] Md. Tanzim Khorshed, A.B.M Shawkar Ali, Saleh A. Wasimi, “ A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing”, Future Generation Computer Systems, Vol 28, 2012, pp 833-851.
[2] Hai J, Guofu X, Deqing , “AVMM-based intrusion prevention system in cloud computing environment”, J Supercomputer Springer Science, Bus Media 66(3):1133–1151. 2013
[3] Vishnu Patidar, Makhan Kumbhkar, “Analysis of Cloud Computing Security Issues in Software as a Service”, International Journal of Scientific Research in Computer Science and Engineering, Vol.2, Issue 3, pp 1-5, June 2014.
[4] Pandeeswari.N, Ganesh kumar, “Anomaly detection system in Cloud Environment using Fuzzy Clustering based ANN”, Mobile Network and Applications, Vol 21 (3), pp 494-505, August 2015.
[5] A Bala, Y Osais, “Modelling and simulation of DDOS Attack using SimEvents”, International Journal of Scientific Research in Network Security, Vol 2(1), pp 39–45,2013.
[6] Vinothina V, Sridaran R, Padmavathi G,” A survey on resource allocation strategies in cloud computing”, International Journal of Advanced Computer Science Applications, Vol 3(6), pp 97–104, 2012
[7] W Wang, S Gombault, W Wang, S Gombault, Proceedings of the 3rd International conference on Risks and Security of Internet and Systems (CRiSIS’08), in Efficient detection of DDoS attacks with important attributes(IEEE, Tozeur, 2008), pp. 61–67
[8] V Bolon-Canedo, N Sanchez-Marono, A Alonso-Betanzos, Feature selection and classification in multiple class datasets: an application to KDD Cup 99 dataset. Expert Syst Appl 38(5), 5947–5957 (2011)
[9] Z Baig, S Sait, A Shaheen, GMDH-based networks for intelligent intrusion detection. Eng Appl Artif Intel 26(7), 1731–1740 (2013)
[10] S Lin, K Ying, C Lee, Z Lee, An intelligent algorithm with feature selection and decision rules applied to anomaly intrusion detection. Appl Soft Comput 12(10), 3285–3290 (2012)
[11] Y Li, J Xia, S Zhang, J Yan, X Ai, K Dai, An efficient intrusion detection system based on support vector machines and gradually feature removal method. Expert Syst Appl 39(1), 424–430 (2012)
[12] S Sindhu, S Geetha, A Kannan, Decision tree based light weight intrusion detection using a wrapper approach. Expert Syst Appl 39(1), 129–141 (2012)
[13] F Zhang, D Wang, Proceedings of the 8th International Conference on Networking, Architecture and Storage (NAS), in An effective feature selection approach for network intrusion detection (IEEE, Xi’an, 2013), pp. 307–311
[14] S Bhattacharya, S Selvakumar, Multi-measure multi-weight ranking approach for the identification of the network features for the detection of DoS and Probe attacks. Compt. J. 1-21 (2015)
[15] A Olusola, A Oladele, D Abosede, in Proceedings of the World Congress on Engineering and Computer Science. Analysis of KDD’99 intrusion detection dataset for selection of relevance features (San Francisco, USA, 2010), pp.1-7.http://www.iaeng.org/publication/WCECS2010/WCECS2010_pp162-168.pdf
[16] G Geng, N Li, S Gong, The Proceedings of International Conference on Industrial Control and Electronics Engineering (ICICEE), in Feature Selection Method for Network Intrusion Based on Fast Attribute Reduction of Rough Set (IEEE, Xi’an, 2012), pp. 530–534
[17] Akramifard, H., et al. "Intrusion Detection in the Cloud Environment Using Multi-Level Fuzzy Neural Networks." Proceedings of the International Conference on Security and Management (SAM). The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp), 2015.
[18] Bhat, Amjad Hussain, Sabyasachi Patra, and Debasish Jena. "Machine learning approach for intrusion detection on cloud virtual machines." International Journal of Application or Innovation in Engineering & Management (IJAIEM) 2.6 (2013): 56-66.
[19] Sondhiya, Richa, Maneesh Shreevastav, and Mahendra Mishra. "To improve security in cloud computing with intrusion detection system using neural network." Int. J. Soft Comput. Eng 3.2 (2013).
[20] Ramteke, Swati, Rajesh Dongare, and Komal Ramteke. "Intrusion Detection System for Cloud Network Using FC-ANN Algorithm." International Journal of Advanced Research in Computer and Communication Engineering 2.4 (2013).
[21] Mahmoudpour, Saeid, and Seyed Javad Mirabedini. "Diagnosis of Distributed Denial of Service Attacks using the Combination Method of Fuzzy Neural Network and Evolutionary Algorithm." Indian Journal of Science and Technology 8.28 (2015): 1.
[22] Anitha, R., et al. "A Real Time Detection of Distributed Denial-of-Service Attacks Using Cumulative Sum Algorithm and Adaptive Neuro-Fuzzy Inference System." Advances in Computer Science, Engineering & Applications. Springer Berlin Heidelberg, 2012. 773-782.
[23] Chirag NM, Dhiren RP, Avi P, Muttukrishnan R (2012) Integrating Signature Apriori based Network Intrusion Detection System (NIDS) in Cloud Computing. In: Proceedings of 2nd International Conference on Communication, Computing & Security, Procedia Technology, 6:905–912. doi:10.1016/j.protcy.2012.10.110
[24] Bakshi A, Yogesh B (2010) Securing cloud from DDOS attacks using intrusion detection system in virtual machine. In: Proceedings of second International Conference on Communication Software and Networksp260–264. doi:10.1109/ICCSN.2010.56
[25] Amjad HB, Sabyasachi P, Debasish J (2013) Machine learning approach for intrusion detection on cloud virtual machines. Int J Appl Innov Eng Manag 2(6):57–66