FLOLSTM: Fuzzy logic‐driven optimized LSTM for improved malicious traffic detection in hypervisor environments-Reference-Cited by-同舟云学术

FLOLSTM: Fuzzy logic‐driven optimized LSTM for improved malicious traffic detection in hypervisor environments

Published:2024-06-06 Issue:20 Volume:36 Page:
ISSN:1532-0626
Container-title:Concurrency and Computation: Practice and Experience
language:en
Short-container-title:Concurrency and Computation

Author:

Kumar Anumukonda Naga Seshu¹^ORCID,Yadav Rajesh Kumar¹,Raghava Nallanthighal Srinivasa²

Affiliation:

1. Department of Computer Science and Engineering Delhi Technological University (Formerly Delhi College of Engineering) New Delhi India

2. Department of Electronics and Communication Engineering Delhi Technological University (Formerly Delhi College of Engineering) New Delhi India

Abstract

SummaryIn the ever‐evolving realm of cloud computing, the challenge of intrusion detection has grown increasingly intricate and vital. With the proliferation of cyber‐attacks and the widespread use of virtualized environments, there is a pressing need for network security solutions that are not only innovative and robust but also easily comprehensible. These solutions must possess the ability to effectively detect malicious activities, provide visibility into network operations, adapt to changing requirements, and promptly alert stakeholders to any suspicious behavior. In this study, we introduce a groundbreaking approach known as fuzzy logic‐driven optimized long short‐term memory (LSTM)—FLOLSTM, specifically designed for hypervisor‐based environments. By integrating fuzzy logic with an optimized LSTM neural network, FLOLSTM aims to significantly enhance the detection of attack traffic within hypervisor networks by combining the interpretability and uncertainty management capabilities of fuzzy logic with the temporal pattern recognition prowess of LSTM. The research methodology involves meticulous data collection from hypervisor monitors, followed by rigorous cleaning and preprocessing to enhance data reliability. Subsequently, the preprocessed data is input into the FLOLSTM classifier to identify malicious activities. Furthermore, the performance of the LSTM is fine‐tuned using the waterwheel plant optimization (WPO) algorithm. Experimental evaluations compare the efficiency of the proposed FLOLSTM with existing techniques across various metrics including accuracy, recall, precision, F‐measure, specificity, false‐positive rate (FPR), and false‐negative rate (FNR). Overall, the FLOLSTM model represents a significant advancement in intrusion detection for cloud environments, offering a potent blend of interpretability, accuracy, and efficiency. Its superior performance underscores its capacity to enhance network security and effectively mitigate cyber threats in dynamic and virtualized settings, thereby making a substantial impact on the field of cyber security.

Publisher

Wiley

Link

https://onlinelibrary.wiley.com/doi/pdf/10.1002/cpe.8194

Reference25 articles.

1. MellP GranceT.The NIST Definition of Cloud Computing.2011.

2. HeadyR LugerG MaccabeA ServillaM.The Architecture of a Network Level Intrusion Detection System (No. LA‐SUB‐93‐219).1990.

3. A Novel PCA-Firefly Based XGBoost Classification Model for Intrusion Detection in Networks Using GPU

4. An effective feature engineering for DNN using hybrid PCA-GWO for intrusion detection in IoMT architecture

5. BahramS JiangX WangZ et al.Dksm: Subverting virtual machine introspection for fun and profit. In2010 29th IEEE Symposium on Reliable Distributed Systems(pp. 82‐91). IEEE.2010.