Network traffic analysis is one of the most important tasks in the era of on-demand cloud computing. However, increased resilience on computing needs, migration flexibility, and decreased costs have made security and privacy issues more challenging in the context of cloud computing. Although several anomaly detection techniques are available in the literature, most existing solutions face critical challenges in detecting aberrant patterns because of the unbalanced nature of the data, the curse of dimensionality, noise in incoming data, and frequently changing anomalies. To overcome these gaps, a new ensemble-based anomaly detection scheme for the cloud environment, called "Hybrid Classification Model for Anomaly Detection (HyClass)", has been proposed. HyClass operates in two phases, feature selection and classification: (i) the Boruta algorithm, supported by scaling and normalization, identifies the important set of features and improves the accuracy and efficiency of the subsequent classification; and (ii) a Chaotic Optimization and Differential Evolution based Support Vector Machine reduces the computational complexity by tuning the parameters of the kernel function and performs classification with high accuracy. To evaluate the proposed anomaly detection model, two case studies were conducted using a real-time dataset from our University network and the benchmark Knowledge Discovery and Data Mining (KDD'99) dataset. Experimental results in terms of detection rate, false positive rate and accuracy demonstrate the effectiveness and reliability of the proposed HyClass model.