Introduction
Cloud Computing is a type of Internet computing in which shared resources and information are provided to devices on demand. The cloud aims to maximize the effectiveness of shared resources. It can be shared by multiple users and dynamically allotted per demand (Moorthy & Rajeswari, 2013). It provides assured data availability, fast accessibility, flexibility and scalability (Mohata et al., 2013). Cloud Computing comprises Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS) (Mittal & Soni, 2013). It also plays a vital role in the smart economy and has tremendous potential for growth. Data and information, being the most valuable assets, are always at risk of cyber-attacks. The rate of growth of data has increased by mammoth proportions with the invention of Cloud Computing and Big Data techniques. This further increases the risk of intrusions and cyber data crimes. Thus, security policies must be designed to fulfil requirements such as confidentiality, integrity and availability (Ledru et al., 2015).
Firewalls and Intrusion Detection Systems (IDS) are designed to keep networks secure. A firewall restricts access to a network by screening traffic and deciding which packets should be allowed (Kanika and Urmila, 2013). Any unauthorised access to resources that may hamper the security and privacy of the network is termed an intrusion. An IDS is a type of security management system that inspects all inbound and outbound network activity and identifies patterns that may indicate a network or system attack by someone attempting to break into or compromise a system (Ghosh et al., 2015). An IDS has two detection techniques, namely misuse detection and anomaly detection. Misuse detection is a signature-based approach, and only those intrusions whose signatures are available can be detected. The anomaly-based approach, in contrast, measures deviation from normal instances, so it is capable of catching unknown or new attacks (Nishani & Biba, 2015). With more sophisticated attacks, safeguarding security is becoming increasingly difficult. Denial of Service (DoS), Probe, Remote to Local (R2L) and User to Root (U2R) attacks are the major attacks that affect a large number of computers daily in today's world.
In this paper, our aim is to detect attacks more efficiently and effectively, thereby preserving the security of data shared through the Internet and other networks. With the rise in data and the easy accessibility of information in the Cloud environment, data security is under constant threat. Existing firewalls and IDS have various limitations, especially in detecting new, sophisticated attacks. We have therefore designed an IDS that can be trained with more up-to-date data, keeping it always ready to catch even new and sophisticated attacks. We have found a way to deal with large volumes of data and make our IDS work with an effectively reduced rule set, making it fast, with less computation, while classifying attacks accurately as they occur. The NSL_KDD and KDD 10% datasets have been used in our experimental work. We pre-processed the training dataset and extracted strong patterns with our proposed data mining technique. Attacks are then detected from the testing dataset using data classification and reinforcement learning. A Reinforcement Learning Automaton interacts with the environment and takes actions to maximize cumulative reward depending on the reinforcement signal, thereby classifying each test case accurately. Thus, in our proposed model we have incorporated Reinforcement Learning Automata into the IDS in order to improve its performance in detecting and classifying attacks.
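
The difference between misuse and anomaly detection described above can be seen on a few connection records. The following is an added example, not code from the paper and not its data mining or Reinforcement Learning Automata model; the feature names follow the KDD style, while the records, the single signature and the z-score threshold are constructed assumptions.

```python
from statistics import mean, pstdev

FEATURES = ("duration", "src_bytes", "count", "serror_rate")

# Constructed baseline of normal connections (illustrative values, not dataset rows).
NORMAL = [
    (2, 230, 4, 0.00), (1, 310, 6, 0.00), (3, 180, 5, 0.05),
    (2, 260, 3, 0.00), (1, 290, 7, 0.02), (4, 210, 5, 0.00),
]

# Misuse detection: one hand-written signature per known attack (hypothetical rule).
SIGNATURES = {
    "syn_flood": lambda r: r["serror_rate"] >= 0.9 and r["count"] >= 100,
}

def to_record(values):
    return dict(zip(FEATURES, values))

def misuse_detect(record):
    """Return the name of the first matching signature, or None."""
    for name, rule in SIGNATURES.items():
        if rule(record):
            return name
    return None

def build_profile(rows):
    """Per-feature mean and standard deviation of normal traffic."""
    cols = list(zip(*rows))
    return {f: (mean(c), pstdev(c) or 1e-9) for f, c in zip(FEATURES, cols)}

def anomaly_detect(record, profile, threshold=3.0):
    """Return the features whose z-score against the profile exceeds threshold."""
    return [f for f in FEATURES
            if abs(record[f] - profile[f][0]) / profile[f][1] > threshold]

PROFILE = build_profile(NORMAL)
SAMPLES = {  # constructed test records
    "normal": to_record((2, 250, 5, 0.00)),
    "known_attack": to_record((0, 0, 250, 1.00)),
    "novel_attack": to_record((2, 250000, 5, 0.00)),  # no signature covers this
}

def classify(record):
    """Return (matched signature or None, list of anomalous features)."""
    return misuse_detect(record), anomaly_detect(record, PROFILE)

if __name__ == "__main__":
    for label, rec in SAMPLES.items():
        print(label, classify(rec))
```

The record labelled `novel_attack` matches no signature, so misuse detection stays silent, while the deviation in `src_bytes` from the normal profile is still flagged.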