Cyber attack detection framework for cloud computing

Abstract

To prevent cyber-attacks, cloud-based systems mainly depend upon different types of intrusion detection systems (IDS). Most of the approaches have high detection rate for known attacks. But in case of unknown attacks or new attacks, these intrusion detection system increases false alarm rate. Another problem is that the reduction of false alarm rate increases the computational complexities in case of genetic algorithm-based IDS and ANN-based IDS. For instance, to tackle challenges like zero-day attack, the only way is to rely upon a robust data-driven approach for security in cloud. Actually in cloud huge amount of data are processed for various activities. It is very difficult to correlate events over such huge amount of data. To improve the abilities of monitoring and fast decision-making, context management is used for correlating events and inferring contexts and evidences. In this paper, a new data-driven framework has been proposed which utilizes ontology and knowledge base to detect cyber-attack with intrusion detection system in cloud.