DMAIDPS: a distributed multi-agent intrusion detection and prevention system for cloud IoT environments

被引:34
作者
Javadpour, Amir [1 ,2 ]
Pinto, Pedro [3 ,4 ,5 ]
Ja'fari, Forough [6 ]
Zhang, Weizhe [1 ]
机构
[1] Harbin Inst Technol, Dept Comp Sci & Technol Cyberspace Secur, Shenzhen, Peoples R China
[2] Inst Politecn Viana Castelo, Electrotech & Telecommun Dept, ADiT Lab, Porto, Portugal
[3] Inst Politecn Viana Do Castelo, ADiT Lab, P-4900347 Viana Do Castelo, Portugal
[4] Univ Maia, P-4475690 Maia, Portugal
[5] INESC TEC, P-4200465 Porto, Portugal
[6] Sharif Univ Technol, Dept Comp Engn, Tehran, Iran
来源
CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS | 2023年 / 26卷 / 01期
基金
中国国家自然科学基金;
关键词
Intrusion detection and prevention system; DMAIDPS; Learning agent; CIoT; NEURAL-NETWORKS; IDS;
D O I
10.1007/s10586-022-03621-3
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Cloud Internet of Things (CIoT) environments, as the essential basis for computing services, have been subject to abuses and cyber threats. The adversaries constantly search for vulnerable areas in such computing environments to impose their damages and create complex challenges. Hence, using intrusion detection and prevention systems (IDPSs) is almost mandatory for securing CIoT environments. However, the existing IDPSs in this area suffer from some limitations, such as incapability of detecting unknown attacks and being vulnerable to the single point of failure. In this paper, we propose a novel distributed multi-agent IDPS (DMAIDPS) that overcomes these limitations. The learning agents in DMAIDPS perform a six-step detection process to classify the network behavior as normal or under attack. We have tested the proposed DMAIDPS with the KDD Cup 99 and NSL-KDD datasets. The experimental results have been compared with other methods in the field based on Recall, Accuracy, and F-Score metrics. The proposed system has improved the Recall, Accuracy, and F-Scores metrics by an average of 16.81%, 16.05%, and 18.12%, respectively.
引用
收藏
页码:367 / 384
页数:18
相关论文
共 44 条
[1]  
Adám N, 2017, 2017 IEEE 15TH INTERNATIONAL SYMPOSIUM ON APPLIED MACHINE INTELLIGENCE AND INFORMATICS (SAMI), P159, DOI 10.1109/SAMI.2017.7880294
[2]  
Alekar, 2018, SURVEY SDN BASED NET, V5, P1
[3]  
Alturfi Sabah M., 2021, Journal of Physics: Conference Series, V1804, DOI 10.1088/1742-6596/1804/1/012121
[4]  
Bala R, 2019, Int J Adv Comput Res, V10, P64, DOI [10.26483/ijarcs.v10i2.6395, DOI 10.26483/IJARCS.V10I2.6395]
[5]   Intelligent approach to build a Deep Neural Network based IDS for cloud environment using combination of machine learning algorithms [J].
Chiba, Zouhair ;
Abghour, Noreddine ;
Moussaid, Khalid ;
El Omri, Amina ;
Rida, Mohamed .
COMPUTERS & SECURITY, 2019, 86 :291-317
[6]   A Clever Approach to Develop an Efficient Deep Neural Network Based IDS for Cloud Environments Using a Self-Adaptive Genetic Algorithm [J].
Chiba, Zouhair ;
Abghour, Noreddine ;
Moussaid, Khalid ;
El Omri, Amina ;
Rida, Mohamed .
2019 INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGIES AND NETWORKING (COMMNET), 2019, :144-152
[7]  
Chih-Che Sun, 2016, 2016 Power Systems Computation Conference (PSCC), P1, DOI 10.1109/PSCC.2016.7540902
[8]   Foundations and Evolution of Modern Computing Paradigms: Cloud, IoT, Edge, and Fog [J].
De Donno, Michele ;
Tange, Koen ;
Dragoni, Nicola .
IEEE ACCESS, 2019, 7 :150936-150948
[9]   Hybrid approach to intrusion detection in fog-based IoT environments [J].
de Souza, Cristiano Antonio ;
Westphall, Carlos Becker ;
Machado, Renato Bobsin ;
Mangueira Sobral, Joao Bosco ;
Vieira, Gustavo dos Santos .
COMPUTER NETWORKS, 2020, 180
[10]   Multi-Agent Systems: A Survey [J].
Dorri, Ali ;
Kanhere, Salil S. ;
Jurdak, Raja .
IEEE ACCESS, 2018, 6 :28573-28593
12345