Title: Hierarchical detection of insider attacks in cloud computing systems

Authors: Omar M. Al-Jarrah; Moath Al-Ayoub; Yaser Jararweh

Addresses: Jordan University of Science and Technology, Irbid, 22110, Jordan ' Jordan University of Science and Technology, Irbid, 22110, Jordan ' Jordan University of Science and Technology, Irbid, 22110, Jordan

Abstract: Cloud computing has emerged as a new computing paradigm with enormous benefits that have attracted many businesses and service providers. As a result, it is critical to ensure highly available and resilient cloud system that continues to operate correctly under different circumstances. This is endangered by risks of cloud insider attacks. In this work, we propose an artificial intelligence based system to detect cloud insider attacks. A hierarchical detection system is used to ensure high detection accuracy and speed. In the first layer, we use a simple expert system to classify the insider as a normal, an attacker, or a probable attacker. The system reacts accordingly by allowing normal insiders to continue their work, blocking attackers, and performing further investigation on probable attackers in the second layer using a decision tree. Simulation results show that our system is able to detect insider attacks with 99.67% detection accuracy.

Keywords: insider attacks; behaviour monitoring; cloud computing; decision tree; hierarchical detection; cloud security; intrusion detection; artificial intelligence; expert systems; simulation.

DOI: 10.1504/IJICS.2017.082840

International Journal of Information and Computer Security, 2017 Vol.9 No.1/2, pp.85 - 99

Received: 01 Feb 2016
Accepted: 23 May 2016
Published online: 13 Mar 2017 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article