The document describes a major project report on a cloud-based intrusion detection system using a backpropagation neural network based on particle swarm optimization. It discusses cloud computing concepts, characteristics, service models, and security threats. The proposed methodology uses particle swarm optimization to optimize training data sets for a backpropagation neural network intrusion detection system. Soft computing techniques like artificial neural networks, fuzzy logic, genetic algorithms, and particle swarm optimization are applied. The objectives are to design an intrusion detection system and evaluate its performance on test data sets.
1. MAJOR PROJECT REPORT
PRESENTATION ON
A CLOUD BASED MODEL USING B P N BASED ON
PARTICLE SWARM OPTIMIZATION
PRESENTATION BY
P.Surya Kumar(13103028)
V.John Babu(13103041)
Under the Supervision Of
Devendra Kumar Singh
2. Cloud Computing:-
Cloud Computing is internet based computing that provides shared computing resources
and data to computers and other devices used by individuals or companies.
It provides computing resources and softwares for rent purpose on reasonable and low
costs.
The goal of Cloud computing is to allow all the users to take advantage of all the
technologies, without need for deep knowledge or expertise on them.
Through Cloud Computing, even small companies can use high technical softwares and
computing resources on rent and there is no need to purchase them.
3. Cloud Service Models
The different service models offered by Cloud Computing are:-
Infrastructure as a Service (IaaS):-
This Service provides the consumer storage, networks and other
fundamental computing resources where the consumer is able to
run arbitrary software, which can include operating systems and
applications.
Platform as a Service (PaaS):-
This service provides consumer-created or existing applications
created using programming languages, libraries, services and
tools supported by the provider.
Software as a Service (SaaS):-
This service provides applications running on a cloud
infrastructure. The applications are accessible from various client
devices through either a thin client interface, such as a web
browser.
The consumer does not manage or control the underlying cloud
infrastructure.
4. Essential Characteristics Of Cloud Computing
On-demand capabilities: One has access to services and power to change cloud services
through an online control panel or directly with the provider. You can add or change storage
networks and software as needed. Typically, you are billed with a monthly subscription or a pay-
for-what-you use scenario. Terms of subscriptions and payments will vary with each software
provider.
Broad network access: This mobility is particularly attractive for businesses so that during
business hours or on off-times, employees can stay on top of projects, contracts, and customers
whether they are on the road or in the office. Broad network access includes private clouds that
operate within a company’s firewall,.
Resource pooling: The cloud enables your employees to enter and use data within the business
management software hosted in the cloud at the same time, from any location, and at any time.
This is an attractive feature for multiple business offices and field service or sales teams that are
usually outside the office.
Rapid elasticity: The cloud is flexible and scalable to suit your immediate business needs. You
can quickly and easily add or remove users, software features, and other resources.
Measured service: Going back to the affordable nature of the cloud, you only pay for what you
use. You and your cloud provider can measure storage levels, processing, bandwidth, and the
number of user accounts and you are billed appropriately.
5. Different types of Attacks:-
Flooding Attack:-
Flooding Attack is a type of Denial Of Service (D o S) attack that is
designed to bring a network or service down by flooding it with large
amounts of traffic. Flood attacks occur when a network or service becomes
overloaded with packets initiating incomplete connection requests that it can
no longer process genuine connection requests.
Attacks on Virtual Machine or Hypervisor attack:-
A hypervisor attack is an attack in which an intruder takes advantage of
vulnerabilities in the program used to allow multiple operating systems to
share a single hardware processor. Mostly, the attacker uses hypervisor
services such as create/delete, execute and extend a threat. A
compromised hypervisor can allow the hacker to attack each virtual machine
on a virtual host.
6. Back door channel attacks:-
A back door is a means of access to a computer program that bypasses security
mechanisms. A programmer may sometimes install a back door so that the program can be
accessed for troubleshooting or other purposes. However, attackers often use back doors that
they detect or install themselves, as part of an attack. In some cases, a worm is designed to
take advantage of a back door created by an earlier attack.
In a computer, a worm is a self-replicating virus that does not alter files but resides in active
memory and duplicates itself. Worms use parts of an operating system that are automatic and
usually invisible to the user. It is common for worms to be noticed only when their
uncontrolled replication , consumes system resources ,slowing or halting other tasks.
For example nimda gained a entrance through the back door left by Code Red. Its name
(backwards for "admin") apparently refers to an "admin.dll“ file that, when run, continues to
propagate the virus. Nimda's payload appears to be the traffic slowdown itself - that is, it
does not appear to destroy files or cause harm other than the considerable time that may be
lost to the slowing or loss of traffic known as denial of service and the restoring of infected
systems.
7. Intrusion Detection System
Because of their distributed nature, cloud computing environments are easy targets for
intruders looking for possible vulnerabilities to attack. An intrusion detection system (IDS) is a
type of security software designed to automatically alert administrators when someone or
something is trying to compromise information system through malicious activities or through
security policy violations.
Types of IDS:-
Host based Intrusion Detection System(HIDS)
Network based Intrusion Detection System(NIDS)
Distributed based Intrusion Detection System(DIDS)
8. Methodology:
The above flow chart describes the designing of
Intrusion Detection System.
In first step, It takes 41 data sets as input .
In second step, we optimize these data sets
using PSO algorithm.
In third step, the optimized PSO algorithm is
connected with BPN.
In fourth step, it checks whether intrusion occurs
or not, if intrusion occurs ,it goes for next step
and IDS is trained , if not then the process ends.
In fifth step, it checks for the intrusion and trains
the IDS.
In sixth step,if desired output is got the resource
get allocates, If not , it again goes to fifth step
and the process continues.
9. Soft Computing Techniques used in Cloud Computing
Artificial Neural Network based IDS :-
Training the back-propagation network require the steps which follows
Step 1:- Select the next training pair from the training set, apply the input vector to the network
input
Step2: - Calculate the output of the network
Step3:- Calculate the error between the network output and the desired output(the target vector
from the training pair)
Step4:- Adjust the weights of the network in a way that minimize the error.
Step5:- Repeat step1 through 4 for each vector in the training set until the error for the entire set
is acceptably low.
Objective Of the Research:
Design of the Intrusion Detection System(IDS).
10. Given set of input output patterns(ai,bi)
L=1,2,3,....l, where the l th input
vector(al=(a11,a12,...a1k)t
And l th output vector bl=(b11,b12,.....b1k)t
Assume only one hidden layer
Assume inout layer with only linear units then
the output signal is equal to the input activation
value for each of these units. Let n be the
learning rate parameter.
Let a=a(m)=al and b=b(m)=bl
Activation of unit i in the input layer, xi=ai(m)
Activation of unit j in the hidden layer,
Back propagation algorithm:
Output signal from the j th unit in the hidden
layer ,S j
h = f j
h(x j
h)
Activation of unit k in the output layer,
Output signal from unit k in the output layer S
k
0 = fk
0(xh
0)
Error term for k th output unit,
S k
0 = (b k-S k
0)fk
0
Update weights on output layer,
w k j(n+1) = w k i(m)+ ῃ S k
0 w k j
Update the weights on the hidden layer
W j I
h(m+1)=w j i
h(m)+ ῃ S j
h a i
Calculate error for the lth term
Total errors for all patterns
Update the weights until the total error
reduce to an acceptable value
11. Back-propagation has been used in the wide variety of applications some of them are as follows:
Burr has used back-propagation in the machine recognition of handwritten English words. The
characters are normalized for size are placed on a grid and projection are made of the lines
through the squares of the grid. The projections them from the input to back-propagation
network. he reports accuracies of 99.7% when used with dictionary filter.
Rosenberg and Sejnowski produced a spectacular success with NET TALK, a system that
printed English text into highly intelligible speech. This tape recording of the training process
a strong resemblance to the sounds of child at various stages of learning to speak.
Cattrell, Munre and Zipser repeat a successfull image compression application in which images
were represented with on bit per pixel, on eight fold improvement over the input data.
NEC in Japan has announced recently that it has applied back-propagation to a new optical-
character recognition system, there by improving accuracy to over 99% . This improvement was
achieved through a combination of conventional algorithms with back-propagation network
providing additional verification.
12. Some other techniques used are:-
Fuzzy Logic Based IDS
Hybridization Techniques
Genetic Algorithm based IDS
Various processes involved in Genetic Algorithm are:-
Initialization
Selection
Reproduction
Crossover
Mutation and
Replacement Ex;- Recovery OF Wound.
13. PSO algorithm based IDS
PSO is an algorithm inspired by the group
behavior of animals, for example bird
flocks.
PSO has been proposed by Eberhart and
Kennedy in 1995, applied for neural
networks training etc.
The PSO algorithm basically works on the
formula
xi(t+1) = [w(t) *vi(t) ]+[ c1*u1*( pi(t) - xi(t))]+
[c2*u2*( gi(t) - xi(t))].
The symbols u1 and u2 represent random
variables with the U(0,1) distribution.
Position of particle i changes according to
xi(t+1)= xi(t)+ vi(t+1).
The algorithm is terminated after a given
number of iterations, where desired output
is obtained.
14. Software and Hardware Requirements:-
MATLAB 8.0, WEKA, JAVA, etc.
Plan of work:
In the first month we’ll be studying about the different software tools where we can train our
BPN network.
In the second and third months we’ll be performing training to our network.
In fourth month we’ll be checking for efficient results and report them.