Survey of Attack Projection, Prediction, and Forecasting in Cyber Security

This paper provides a survey of prediction, and forecasting methods used in cyber security. Four main tasks are discussed first, attack projection and intention recognition, in which there is a need to predict the next move or the intentions of the attacker, intrusion prediction, in which there is a need to predict upcoming cyber attacks, and network security situation forecasting, in which we project cybersecurity situation in the whole network. Methods and approaches for addressing these tasks often share the theoretical background and are often complementary. In this survey, both methods based on discrete models, such as attack graphs, Bayesian networks, and Markov models, and continuous models, such as time series and grey models, are surveyed, compared, and contrasted. We further discuss machine learning and data mining approaches, that have gained a lot of attention recently and appears promising for such a constantly changing environment, which is cyber security. The survey also focuses on the practical usability of the methods and problems related to their evaluation

Improved RBF Network Intrusion Detection Model Based on Edge Computing with Multi-algorithm Fusion

Edge computing is difficult to deploy a complete and reliable security strategy due to its distributed computing architecture and inherent heterogeneity of equipment and limited resources. When malicious attacks occur, the loss will be immeasurable. RBF neural network has strong nonlinear representation ability and fast learning convergence speed, which is suitable for intrusion detection of edge detection industrial control network. In this paper, an improved RBF network intrusion detection model based on multi-algorithm fusion is proposed. kernel principal component analysis (KPCA) is used to extract data dimension and simplify data representation. Then subtractive clustering algorithm(SCM) and grey wolf algorithm(GWO) are used to jointly optimize RBF neural network parameters to avoid falling into local optimum, reduce the calculation of model training and improve the detection accuracy. The algorithm can better adapt to the edge computing platform with weak computing ability and bearing capacity, and realize real-time data analysis.The experimental results of BATADAL data set and Gas data set show that the accuracy of the algorithm is over 99% and the training time of larger samples is shortened by 50 times for BATADAL data set. The results show that the improved RBF network is effective in improving the convergence speed and accuracy in intrusion detection

Fuzzy-GRA trust model for cloud risk management

Cloud computing is not adequately secure due to the currently used traditional trust methods such as global trust model and local trust model. These are prone to security vulnerabilities. This paper introduces a trust model based on the fuzzy mathematics and gray relational theory. Fuzzy mathematics and gray relational analysis (Fuzzy-GRA) aims to improve the poor dynamic adaptability of cloud computing. Fuzzy-GRA platform is used to test and validate the behavior of the model. Furthermore, our proposed model is compared to other known models. Based on the experimental results, we prove that our model has the edge over other existing models

Machine Learning-Based Anomaly Detection in Cloud Virtual Machine Resource Usage

Anomaly detection is an important activity in cloud computing systems because it aids in the identification of odd behaviours or actions that may result in software glitch, security breaches, and performance difficulties. Detecting aberrant resource utilization trends in virtual machines is a typical application of anomaly detection in cloud computing (VMs). Currently, the most serious cyber threat is distributed denial-of-service attacks. The afflicted server\u27s resources and internet traffic resources, such as bandwidth and buffer size, are slowed down by restricting the server\u27s capacity to give resources to legitimate customers. To recognize attacks and common occurrences, machine learning techniques such as Quadratic Support Vector Machines (QSVM), Random Forest, and neural network models such as MLP and Autoencoders are employed. Various machine learning algorithms are used on the optimised NSL-KDD dataset to provide an efficient and accurate predictor of network intrusions. In this research, we propose a neural network based model and experiment on various central and spiral rearrangements of the features for distinguishing between different types of attacks and support our approach of better preservation of feature structure with image representations. The results are analysed and compared to existing models and prior research. The outcomes of this study have practical implications for improving the security and performance of cloud computing systems, specifically in the area of identifying and mitigating network intrusions

GUIDE FOR THE COLLECTION OF INSTRUSION DATA FOR MALWARE ANALYSIS AND DETECTION IN THE BUILD AND DEPLOYMENT PHASE

During the COVID-19 pandemic, when most businesses were not equipped for remote work and cloud computing, we saw a significant surge in ransomware attacks. This study aims to utilize machine learning and artificial intelligence to prevent known and unknown malware threats from being exploited by threat actors when developers build and deploy applications to the cloud. This study demonstrated an experimental quantitative research design using Aqua. The experiment\u27s sample is a Docker image. Aqua checked the Docker image for malware, sensitive data, Critical/High vulnerabilities, misconfiguration, and OSS license. The data collection approach is experimental. Our analysis of the experiment demonstrated how unapproved images were prevented from running anywhere in our environment based on known vulnerabilities, embedded secrets, OSS licensing, dynamic threat analysis, and secure image configuration. In addition to the experiment, the forensic data collected in the build and deployment phase are exploitable vulnerability, Critical/High Vulnerability Score, Misconfiguration, Sensitive Data, and Root User (Super User). Since Aqua generates a detailed audit record for every event during risk assessment and runtime, we viewed two events on the Audit page for our experiment. One of the events caused an alert due to two failed controls (Vulnerability Score, Super User), and the other was a successful event meaning that the image is secure to deploy in the production environment. The primary finding for our study is the forensic data associated with the two events on the Audit page in Aqua. In addition, Aqua validated our security controls and runtime policies based on the forensic data with both events on the Audit page. Finally, the study’s conclusions will mitigate the likelihood that organizations will fall victim to ransomware by mitigating and preventing the total damage caused by a malware attack

Cloud Service Selection System Approach based on QoS Model: A Systematic Review

The Internet of Things (IoT) has received a lot of interest from researchers recently. IoT is seen as a component of the Internet of Things, which will include billions of intelligent, talkative "things" in the coming decades. IoT is a diverse, multi-layer, wide-area network composed of a number of network links. The detection of services and on-demand supply are difficult in such networks, which are comprised of a variety of resource-limited devices. The growth of service computing-related fields will be aided by the development of new IoT services. Therefore, Cloud service composition provides significant services by integrating the single services. Because of the fast spread of cloud services and their different Quality of Service (QoS), identifying necessary tasks and putting together a service model that includes specific performance assurances has become a major technological problem that has caused widespread concern. Various strategies are used in the composition of services i.e., Clustering, Fuzzy, Deep Learning, Particle Swarm Optimization, Cuckoo Search Algorithm and so on. Researchers have made significant efforts in this field, and computational intelligence approaches are thought to be useful in tackling such challenges. Even though, no systematic research on this topic has been done with specific attention to computational intelligence. Therefore, this publication provides a thorough overview of QoS-aware web service composition, with QoS models and approaches to finding future aspects