A FKPCA-GWO WDBiLSTM classifier for intrusion detection system in cloud environments

摘要

Due to the expansion of Internet traffic and threats in the cloud environment, intrusion detection is becoming more challenging. Attackers may try to exploit various application protocols such as Domain Name System (DNS), Message Queue Telemetry Transport (MQTT), and Hyper Text Transfer Protocol (HTTP). Attack on one or more of these protocols leads to data leakage and security issues. For this purpose, conventional machine learning (ML) methods such as SVM, NN, Fuzzy Logic, and Hidden Markov Models are utilized for Intrusion Detection System (IDS). But it has some limitations, like low convergence speed, inaccuracy, gradient vanishing problems, overfitting, and low significant performance. To overcome these issues, this paper proposes a Fisher kernel based PCA dimensionality reduction algorithm and grey wolf optimizer based weight dropped BiLSTM classifier (FKPCA-GWO WDBiLSTM) for intrusion detection. Firstly, together with the data records to the PCA algorithm, the fisher kernel with fisher score is provided as input to achieve linearly separable dimensionality reduction. Secondly, the WDBiLSTM network is used to retain the long-term dependencies while extracting the features in backward and a forward direction. GWO optimize the recurrent weights and give accurate classification results as normal or attacks (types of attacks). The proposed FKPCA-GWO WDBiLSTM is tested with the four datasets. The proposed work gives high accuracy, precision, sensitivity, specificity, F-measure, MCC, kappa, and ROC curve when comparing with existing methods like hypervisor-IDS, Fuzzy-SMO, BiCIDS, DRIOTIDS and FCM-SVM IDS.