当前位置: X-MOL 学术Int. J. Syst. Assur. Eng. Manag. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Malicious host detection and classification in cloud forensics with DNN and SFLO approaches
International Journal of System Assurance Engineering and Management Pub Date : 2021-06-17 , DOI: 10.1007/s13198-021-01168-x
G. Nandita , T. Munesh Chandra

The rate of using cloud service is increased in recent years. The service provided by cloud computing (CC) is pre-owned by various laptops, smartphones, desktop computers, and notebook users. Cloud service enable the authorization practice due to an increasing number of cloud service users. Cloud service employs different host to deliver service to the users. But some hosts may be malicious and steal the user’s information or else it provides an unwanted file instead of original files to the user. In previous works, this malicious hosts are identified by site re-routing links, distinguishing file types and so on. The main impact of this malicious host is that it delivers infected data or files to the user or it divert the user to the non-requested data and files. In this paper, we focus on identification and classification of malicious hosts. The host list is examined to extract the features of malicious host by applying firefly algorithm. This identified features are then pre-processed by principal component analysis (PCA) method. The Deep Neural Network based Shuffled Frog Leap Optimization (DNN-SFLO) algorithm is a famous deep learning (DL) approach proposed to test the optimized weights of an identified features. DNN-SFLO accurately detects the malicious host, because the presence of malicious host may affect the cloud service. Performance of DNN-SFLO based host detection is compared with Naïve Bayes, Neural Network (NN), Artificial NN (ANN), Fuzzy C-Means (FCM), Fuzzy k-Nearest Neighbour (FKNN), Support vector machine (SVM). Implementation for this host detection process is carried out in python. The performance metrics taken to evaluate the effectiveness of DNN-SFLO is F-measure, precision, G-mean, sensitivity, error detection probability, and recall



中文翻译:

使用 DNN 和 SFLO 方法进行云取证中的恶意主机检测和分类

近年来,云服务的使用率有所提高。云计算(CC)提供的服务被各种笔记本电脑、智能手机、台式电脑和笔记本用户所拥有。由于越来越多的云服务用户,云服务启用了授权实践。云服务使用不同的主机向用户提供服务。但是有些主机可能是恶意的,会窃取用户的信息,或者向用户提供不需要的文件而不是原始文件。在以往的工作中,这些恶意主机通过站点重路由链接、区分文件类型等来识别。此恶意主机的主要影响是将受感染的数据或文件传送给用户,或将用户转移到未请求的数据和文件。在本文中,我们专注于恶意主机的识别和分类。通过应用萤火虫算法,检查主机列表以提取恶意主机的特征。然后通过主成分分析 (PCA) 方法对识别出的特征进行预处理。基于深度神经网络的 Shuffled Frog Leap 优化 (DNN-SFLO) 算法是一种著名的深度学习 (DL) 方法,用于测试已识别特征的优化权重。DNN-SFLO 准确检测恶意主机,因为恶意主机的存在可能会影响云服务。将基于 DNN-SFLO 的主机检测的性能与朴素贝叶斯、神经网络 (NN)、人工神经网络 (ANN)、模糊 C 均值 (FCM)、模糊 k-最近邻 (FKNN)、支持向量机 (SVM) 进行比较。这个主机检测过程的实现是在 python 中进行的。用于评估 DNN-SFLO 有效性的性能指标是 F-measure,

更新日期:2021-06-18
down
wechat
bug