MFAAMDTL: An Efficient Multimodal Feature Analysis Model to Mitigation Cloud Attacks using Transfer Learning Operations

Authors

  • Anagha Raich G.H.Raisoni University, INDIA
  • Vijay Gadicha G.H.Raisoni University, INDIA

Keywords:

Cloud, pattern, feature, classification, attack, detection, accuracy, online, offline, machine, LSTM, GRU, RNN, temporal, analysis

Abstract

The persistent issue is that cloud applications fortified post-deployment with security patches remain susceptible to sophisticated attack vectors. In response to this, the discourse introduces an innovative, lightweight header layer designed to preemptively filter incoming requests prior to their processing by Cloud Virtual Machines (CVMs). Leveraging a combination of instantaneous and temporal analytics, this layer is adept at the early detection and neutralization of a broad spectrum of both active and passive cybersecurity threats, significantly bolstering the resilience of cloud deployments against malicious endeavors. To operationalize this defense mechanism, the system deploys an advanced logging framework capable of high-velocity data capture, triggered by an array of header-level events such as authentication attempts, access requests, and the temporal intervals between successive requests. This granular data collection strategy equips the system with a comprehensive dataset, derived from continuous user interactions, which is subsequently subjected to an intricate post-processing regimen aimed at the extraction of multimodal features. This process involves the manual tagging of request-response pairs by a curated group of users, facilitating the identification of diverse threat signatures such as temporal attack probabilities, IP-based attack typologies, user access patterns, and anomalies in request-response dynamics. At the heart of this model lies a sophisticated deep transfer learning framework, integrating the nuanced capabilities of Long Short-Term Memory (LSTM) networks and Gated Recurrent Unit (GRU)-based Recurrent Neural Networks (RNNs), trained on an extensive corpus of user-generated data. This hybrid RNN methodology enables the model to discern and classify a wide array of attack vectors with remarkable accuracy. An incremental learning module further refines the model's efficacy, enabling dynamic adaptation and continuous improvement in its predictive accuracy, precision, and recall metrics across various attack scenarios, including but not limited to Distributed Denial of Service (DDoS), brute force, cross-site scripting, SQL injection, as well as more passive threats like access control breaches and restricted ownership transfer attempts. Empirical evaluations of this model underscore its superior performance, achieving notable accuracy rates in detecting authentication attacks (99.3%), unauthorized access attempts (97.1%), DDoS and similar request-pattern aberrations (99.1%), and Man in the Middle (MITM) attacks (99.2%). When benchmarked against contemporary models, this innovative approach demonstrated a performance uplift of 6.5%, underscoring its viability for real-time deployment and scalability across diverse cloud networking scenarios.

Downloads

Download data is not yet available.

References

A. Bhardwaj, V. Mangat and R. Vig, "Hyperband Tuned Deep Neural Network With Well Posed Stacked Sparse AutoEncoder for Detection of DDoS Attacks in Cloud," in IEEE Access, vol. 8, pp. 181916-181929, 2020, doi: 10.1109/ACCESS.2020.3028690.

H. Yang, S. Ju, Y. Xia and J. Zhang, "Predictive Cloud Control for Networked Multiagent Systems With Quantized Signals Under DoS Attacks," in IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 51, no. 2, pp. 1345-1353, Feb. 2021, doi: 10.1109/TSMC.2019.2896087.

Kushwah, G.S., Ranga, V. Detecting DDoS Attacks in Cloud Computing Using Extreme Learning Machine and Adaptive Differential Evolution. Wireless Pers Commun (2022). https://doi.org/10.1007/s11277-022-09481-9.

X. Gong et al., "Defense-Resistant Backdoor Attacks Against Deep Neural Networks in Outsourced Cloud Environment," in IEEE Journal on Selected Areas in Communications, vol. 39, no. 8, pp. 2617-2631, Aug. 2021, doi: 10.1109/JSAC.2021.3087237.

G. Xu, S. Xu, J. Ma, J. Ning and X. Huang, "An Adaptively Secure and Efficient Data Sharing System for Dynamic User Groups in Cloud," in IEEE Transactions on Information Forensics and Security, vol. 18, pp. 5171-5185, 2023, doi: 10.1109/TIFS.2023.3305870.keywords: {Security; Cloud computing; Resistance; Access control; Heuristic algorithms; Encryption; Standards; Dynamic user groups; adaptive security; fine-grained access control},

J. Deng et al., "A Survey on Vehicular Cloud Network Security," in IEEE Access, vol. 11, pp. 136741-136757, 2023, doi: 10.1109/ACCESS.2023.3339192.keywords: {Security; Cloud computing; Reliability; Roads; Network security; Authentication; Surveys; Edge computing; Vehicular ad hoc networks; Cloud computing; edge computing; security; VANETs; vehicular cloud network},

K. Muniasamy, R. Chadha, P. Calyam and M. Sethumadhavan, "Analyzing Component Composability of Cloud Security Configurations," in IEEE Access, vol. 11, pp. 139935-139951, 2023, doi: 10.1109/ACCESS.2023.3340690.keywords: {Security; Cognition; Databases; Cloud computing security; Symbols; Large-scale systems; Buildings; Formal concept analysis; Cloud security; composability; formal analysis; policy-based verification},

J. Zhang, T. Li, Z. Ying and J. Ma, "Trust-Based Secure Multi-Cloud Collaboration Framework in Cloud-Fog-Assisted IoT," in IEEE Transactions on Cloud Computing, vol. 11, no. 2, pp. 1546-1561, 1 April-June 2023, doi: 10.1109/TCC.2022.3147226.keywords: {Security; Cloud computing; Access control; Collaboration; Internet of Things; Authentication; Clouds; Cloud computing; multi-cloud service composition; secure collaboration; single sign-on; role-based access control},

A. Wu, A. Yang, W. Luo and J. Wen, "Enabling Traceable and Verifiable Multi-User Forward Secure Searchable Encryption in Hybrid Cloud," in IEEE Transactions on Cloud Computing, vol. 11, no. 2, pp. 1886-1898, 1 April-June 2023, doi: 10.1109/TCC.2022.3170362.keywords: {Cloud computing; Servers; Security; Encryption; Indexes; Cryptography; Hash functions; Forward secure searchable encryption; multi-user; verifiability; traceability; revocation},

C. Wang, Z. Yuan, P. Zhou, Z. Xu, R. Li and D. O. Wu, "The Security and Privacy of Mobile-Edge Computing: An Artificial Intelligence Perspective," in IEEE Internet of Things Journal, vol. 10, no. 24, pp. 22008-22032, 15 Dec.15, 2023, doi: 10.1109/JIOT.2023.3304318. keywords: {Security;Privacy;Artificial intelligence;Internet of Things;Cloud computing;Data privacy;Computer architecture;Artificial intelligence (AI);fifth generation (5G);Internet of Things (IoT);machine learning (ML);mobile-edge computing (MEC);security and privacy;software-defined network (SDN) security;virtual machine security},

A. Bagheri and A. Shameli-Sendi, "Automating the Translation of Cloud Users’ High-Level Security Needs to an Optimal Placement Model in the Cloud Infrastructure," in IEEE Transactions on Services Computing, vol. 16, no. 6, pp. 4580-4590, Nov.-Dec. 2023, doi: 10.1109/TSC.2023.3327632.

keywords: {Security;Cloud computing;Servers;Energy consumption; Data centers; Computational modeling; Quality of service; Automation;cloud computing; NFV; network security defence patterns;security function placement},

Q. Wang, Z. Wang and W. Wang, "Research on Secure Cloud Networking Plan Based on Industry-Specific Cloud Platform," in IEEE Access, vol. 11, pp. 51848-51860, 2023, doi: 10.1109/ACCESS.2023.3279409. keywords: {Switches; Security; Cloud computing; Firewalls (computing);Servers;Safety;Maintenance engineering; Commercial security service; IDC; industry-specific cloud; network security;SDN},

Y. Zhang, T. Zhu, R. Guo, S. Xu, H. Cui and J. Cao, "Multi-Keyword Searchable and Verifiable Attribute-Based Encryption Over Cloud Data," in IEEE Transactions on Cloud Computing, vol. 11, no. 1, pp. 971-983, 1 Jan.-March 2023, doi: 10.1109/TCC.2021.3119407.keywords: {Cloud computing; Encryption; Cryptography; Keyword search; Servers; Data models; Security; Multi-keyword; attribute-based searchable encryption; verification; shared multi-owner mechanism},

Z. Li, H. Jin, D. Zou and B. Yuan, "Exploring New Opportunities to Defeat Low-Rate DDoS Attack in Container-Based Cloud Environment," in IEEE Transactions on Parallel and Distributed Systems, vol. 31, no. 3, pp. 695-706, 1 March 2020, doi: 10.1109/TPDS.2019.2942591.

H. Yuan, Y. Xia, M. Lin, H. Yang and R. Gao, "Dynamic Pricing-Based Resilient Strategy Design for Cloud Control System Under Jamming Attack," in IEEE Transactions on Systems, Man, and Cybernetics: Systems, vol. 50, no. 1, pp. 111-122, Jan. 2020, doi: 10.1109/TSMC.2019.2952467.

O. A. Wahab, J. Bentahar, H. Otrok and A. Mourad, "Optimal Load Distribution for the Detection of VM-Based DDoS Attacks in the Cloud," in IEEE Transactions on Services Computing, vol. 13, no. 1, pp. 114-129, 1 Jan.-Feb. 2020, doi: 10.1109/TSC.2017.2694426.

G. Somani, M. S. Gaur, D. Sanghi, M. Conti and M. Rajarajan, "Scale Inside-Out: Rapid Mitigation of Cloud DDoS Attacks," in IEEE Transactions on Dependable and Secure Computing, vol. 15, no. 6, pp. 959-973, 1 Nov.-Dec. 2018, doi: 10.1109/TDSC.2017.2763160.

J. Shen, T. Zhou, D. He, Y. Zhang, X. Sun and Y. Xiang, "Block Design-Based Key Agreement for Group Data Sharing in Cloud Computing," in IEEE Transactions on Dependable and Secure Computing, vol. 16, no. 6, pp. 996-1010, 1 Nov.-Dec. 2019, doi: 10.1109/TDSC.2017.2725953.

S. Dong, K. Abbas and R. Jain, "A Survey on Distributed Denial of Service (DDoS) Attacks in SDN and Cloud Computing Environments," in IEEE Access, vol. 7, pp. 80813-80828, 2019, doi: 10.1109/ACCESS.2019.2922196.

N. Agrawal and S. Tapaswi, "Defense Mechanisms Against DDoS Attacks in a Cloud Computing Environment: State-of-the-Art and Research Challenges," in IEEE Communications Surveys & Tutorials, vol. 21, no. 4, pp. 3769-3795, Fourthquarter 2019, doi: 10.1109/COMST.2019.2934468.

T. V. Phan and M. Park, "Efficient Distributed Denial-of-Service Attack Defense in SDN-Based Cloud," in IEEE Access, vol. 7, pp. 18701-18714, 2019, doi: 10.1109/ACCESS.2019.2896783.

I. Khan, Z. Anwar, B. Bordbar, E. Ritter and H. Rehman, "A Protocol for Preventing Insider Attacks in Untrusted Infrastructure-as-a-Service Clouds," in IEEE Transactions on Cloud Computing, vol. 6, no. 4, pp. 942-954, 1 Oct.-Dec. 2018, doi: 10.1109/TCC.2016.2560161.

L. Xu et al., "Architectural Protection of Application Privacy against Software and Physical Attacks in Untrusted Cloud Environment," in IEEE Transactions on Cloud Computing, vol. 6, no. 2, pp. 478-491, 1 April-June 2018, doi: 10.1109/TCC.2015.2511728.

Premkamal, PK, Pasupuleti, SK, Alphonse, PJA. Dynamic traceable CP-ABE with revocation for outsourced big data in cloud storage. Int J Commun Syst. 2021; 34:e4351. https://doi.org/10.1002/dac.4351.

I. H. Abdulqadder, D. Zou, I. T. Aziz, B. Yuan and W. Li, "SecSDN-Cloud: Defeating Vulnerable Attacks Through Secure Software-Defined Networks," in IEEE Access, vol. 6, pp. 8292-8301, 2018, doi: 10.1109/ACCESS.2018.2797214.

O. AlKadi, N. Moustafa, B. Turnbull and K. -K. R. Choo, "Mixture Localization-Based Outliers Models for securing Data Migration in Cloud Centers," in IEEE Access, vol. 7, pp. 114607-114618, 2019, doi: 10.1109/ACCESS.2019.2935142.

M. Ali, K. Bilal, S. U. Khan, B. Veeravalli, K. Li and A. Y. Zomaya, "DROPS: Division and Replication of Data in Cloud for Optimal Performance and Security," in IEEE Transactions on Cloud Computing, vol. 6, no. 2, pp. 303-315, 1 April-June 2018, doi: 10.1109/TCC.2015.2400460.

S. Javaid, H. Afzal, M. Babar, F. Arif, Z. Tan and M. Ahmad Jan, "ARCA-IoT: An Attack-Resilient Cloud-Assisted IoT System," in IEEE Access, vol. 7, pp. 19616-19630, 2019, doi: 10.1109/ACCESS.2019.2897095.

B. G. Raúl and A. M. L. Sevillano, "Services cloud under HSTS, Strengths and weakness before an attack of man in the middle MITM," 2017 Congreso Internacional de Innovacion y Tendencias en Ingenieria (CONIITI), 2017, pp. 1-5, doi: 10.1109/CONIITI.2017.8273322.

V. B. Gadicha and A. S. Alvi, "A review towards enhancing authentication scheme using Image Fusion and multishared Cryptography," 2015 International Conference on Communications and Signal Processing (ICCSP), 2015, pp. 0654-0657, doi: 10.1109/ICCSP.2015.7322570.

Downloads

Published

23.02.2024

How to Cite

Raich, A. ., & Gadicha, V. . (2024). MFAAMDTL: An Efficient Multimodal Feature Analysis Model to Mitigation Cloud Attacks using Transfer Learning Operations. International Journal of Intelligent Systems and Applications in Engineering, 12(17s), 55–66. Retrieved from https://ijisae.org/index.php/IJISAE/article/view/4836

Issue

Vol. 12 No. 17s (2024)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.