LR-HIDS: logistic regression host-based intrusion detection system for cloud environments

Cloud computing is an Internet based computing environment, where storage and computing resources are assigned dynamically among users according to their needs, using the virtualization technology. Virtualization is an underlying infrastructure of cloud computing, and has led to certain security problems during the development of cloud computing. One essential but formidable task in cloud computing is to detect malicious attacks and their types. Due to increasing incidents of cyber-attacks, design and implementation of effective intrusion detection systems to protect the security of information systems is crucial. In this paper, a host-based intrusion detection system (H-IDS) for protecting virtual machines in the cloud environment is proposed. To this end, first, important features of each class are selected using logistic regression and next, these values are improved using the regularization technique. Then, various attacks are classified using a combination of three different classifiers: neural network, decision tree and linear discriminate analysis with the bagging algorithm for each class. The proposed model has been trained and tested using the NSL-KDD data set with an implementation in the Cloudsim software. Simulation results compared to other methods shows acceptable accuracy of about 97.51 for detecting attacks against normal states.