Intrusion Detection on AWS Cloud through Hybrid Deep Learning Algorithm

Abstract

The network security and cloud environment have been playing vital roles in today’s era due to increased network data transmission, the cloud’s elasticity, pay as you go and global distributed resources. A recent survey for the cloud environment involving 300 organizations in North America with 500 or more employees who had spent a minimum of USD 1 million on cloud infrastructure, as per March 2022 statistics, stated that 79% of organizations experienced at least one cloud data breach. In the year 2022, the AWS cloud provider leads the market share with 34% and a USD 200 billion cloud market, proving important and producing the motivation to improve the detection of intrusion with respect to network security on the basis of the AWS cloud dataset. The chosen CSE-CIC-IDS-2018 dataset had network attack details based on the real time attack carried out on the AWS cloud infrastructure. The proposed method here is the hybrid deep learning based approach, which uses the raw data first to do the pre-processing and then for normalization. The normalized data have been feature extracted from seventy-six fields to seven bottlenecks using Principal Component Analysis (PCA); those seven extracted features of every packet have been categorized as two-way soft-clustered (attack and non-attack) using the Smart Monkey Optimized Fuzzy C-Means algorithm (SMO-FCM). The attack cluster data have been further provided as inputs for the deep learning based AutoEncoder algorithm, which provides the outputs as attack classifications. Finally, the accuracy of the results in intrusion detection using the proposed technique (PCA + SMO-FCM + AE) is achieved as 95% over the CSE-CIC-IDS-2018 dataset, which is the highest known for state-of-the-art protocols compared with 11 existing techniques.