Authors: Meryem Amar; Bouabid El Ouahidi
Addresses: I.P.S.S., Mohammed V University, Rabat, Morocco; I.P.S.S., Mohammed V University, Rabat, Morocco
Abstract: The use of cloud services brings not only resource and storage availability, but also puts customers' privacy at stake. These services are delivered over the web, which generates log files. These files contain valuable information for tracking malicious behaviours. However, they are variant, voluminous and have high velocity. This paper structures input log files using data preparation treatment (DPT), anticipates missing features, and performs a weighted conversion to ease the discrimination of malicious activities. Given the robustness of deep learning in analysing high-dimensional databases, dynamically selecting features and detecting intrusions, our architecture leverages its strength and proposes a weighted long short-term memory (WLSTM) deep learning algorithm. WLSTM mines network traffic predictors considering past events, and minimizes the vanishing gradient. Results prove its effectiveness; it achieves 98% accuracy and reduces false alarm rates to 1.47%. For contextual malicious behaviours, the accuracy attained 97% and the loss was 22%.
Keywords: cloud security breaches; intrusion-detection; weight of evidence; WoE; deep learning; long short-term memory; LSTM.
International Journal of Data Mining, Modelling and Management, 2020 Vol. 12 No. 3, pp. 308-329
Received: 18 Sep 2019
Accepted: 15 Feb 2020
Published online: 23 Jul 2020