Research And Analysis Of Intrusion Detection Algorithm Based On Cloud Computing

With the development of cloud computing and expanding range of applications, cloud computing services, security and privacy issues have become increasingly prominent. However, there is dynamic complexity in a cloud computing environment, the traditional means of security can no longer meet the demand for cloud environment detection, detection capability, response speed, or size of the system, there are many restrictions. Establish efficient intrusion detection system in the cloud environment has become an important direction in the field of intrusion detection.Cloud computing provides ultra-large-scale computing power and massive storage capacity, We propose an intrusion detection system based on non-supervised learning in the cloud, This system is able to reliably store large amounts of intrusion detection data. Autonomous learning, real-time detection, and have ability to analyze and identify unknown attacks automatically detected with high accuracy, low false alarm rate.The main research work and achievements include1. We analyzed the security threats facing the cloud environment, means of attack and commonly used intrusion detection technology and analysis of the strengths and weaknesses of the intrusion detection system at this stage cloud environment.2. We Study the shortcomings of fuzzy C-means clustering algorithm to intrusion detection in cloud environment.We proposed based on improved fuzzy C-means algorithm MEOFCM.and use positive entropy and fault-tolerant distance to optimize the objective function,to solve the algorithm is sensitive to noise data and the need for predefined fuzzy weighted index. We proposed using Canopy clustering preprocess inproved algorithm,so as to solve the problems for the classification of initialization parameters sensitive and the need for pre-define the number of clusters.3. The massive high-dimensional intrusion detection data in the cloud have a lot of redundancy and noise, will seriously affect the detection time and detection efficiency, In MapReduce parallel computing framework,we proposed a prallel SVD based on Lancszos algorithm(PLSVD).we using PLSVD algorithms for feature extraction achieved to reduce the dimension of the data on the massive high-dimensional intrusion detection data,reducing the time of intrusion detection,and impoving the intrusion detection effect.For the massive intrusion detection data clustering algorithm, clustering algorithm in the stand-alone environment is difficult to cluster analysis. By analyzing MEOFCM algorithm and Canopy algorithm clustering characteristics, we propose the use of MapReduce parallelization of the two algorithms, so as to solve the problem of massive data clustering. And combined with PLSVD algorithm, we have established a complete cloud environment distributed intrusion detection algorithm.4. We make use of the proposed distributed intrusion detection algorithm,and established distributed intrusion detection system based on Hadoop cloud platform. We describe detection system processes and each module in the systems. Finally, we have launched the related experiments. To verify the effectiveness of this proposed algorithm, speedup, as well as the system’s real-time performance and scalability.