Bulut Bilişim Güvenliği İçin Kullanılan Makine Öğrenimi Yöntemleri Üzerine Bir Derleme

Yıl 2022, Cilt: 10 Sayı: 2, 893 - 913, 30.04.2022

Bilge Kağan Yazar , Sedat Akleylek , Erdal Kılıç

https://doi.org/10.29130/dubited.979040

Öz

Son zamanlarda bulut bilişimin farklı amaçlar için kullanımı artmaktadır. Bu durum bulut üzerindeki bilgilerin çoğalmasına sebep olmaktadır ve daha yüksek güvenlik gereksinimlerinin olduğunu göstermektedir. Güvenliği sağlamanın yollarından bir tanesi makine öğrenmesi yöntemlerinin bulut sistemlerine adapte edilmesidir. Geleneksel yöntemler saldırılardaki çeşitlilik nedeniyle istenilen düzeyde başarı sağlayamamaktadır. Makine öğrenimi yaklaşımları, verileri daha etkin bir şekilde ele aldıklarından daha duyarlı ve otomatikleştirilmiş güvenlik çözümleri sunabilmektedir. Bulut üzerindeki verilerin gizliliği, bütünlüğü, bulut kaynaklarının kullanılabilirliği ve bulut platformu üzerindeki kimlik doğrulama işlemleri için makine öğrenimi tabanlı sistemlerin kullanımı son zamanlarda oldukça popülerdir. Genellikle izinsiz giriş tespit sistemi olarak adlandırılan bu sistemler, bulut uygulamalarındaki bilgileri yetkisiz erişimlerden korumak için kapsamlı yaklaşımlar kullanmaktadır. Bu çalışmada bulut bilişim güvenliği ve bu alanda kullanılan makine öğrenmesi yaklaşımları üzerine bir sistematik literatür taraması yapılmıştır. Kullanılan makine öğrenimi yöntemleri ve değerlendirme kriterleri, kullanılan veri kümeleri ve çalışmaların sağladıkları bilgi güvenliği kavramları baz alınarak, literatürde etkisi olan çalışmalar ele alınmıştır. Bazıları hibrit bazıları bağımsız şekilde 23 farklı makine öğrenimi yöntemi ve 17 farklı değerlendirme ölçütünün kullanıldığı görülmüştür. Toplamda 11 farklı hazır veri kümesi ve sekiz çalışmada ise oluşturulmuş olan veri kümelerinin kullanıldığı görülmüştür. Son olarak çalışmalar gizlilik, bütünlük, erişilebilirlik ve kimlik denetimi olacak şekilde bilgi güvenliği kavramları açısından değerlendirilmiştir.

Anahtar Kelimeler

Bulut Bilişim Güvenliği, Makine Öğrenimi, Performans Ölçütleri, Veri Kümeleri

A Review of Machine Learning Methods Used for Cloud Computing Security

Öz

Recently, the use of cloud computing for different purposes has been increasing. This causes the proliferation of information on the cloud and indicates higher security requirements. One of the ways to ensure security is to adapt machine learning methods to cloud systems. Traditional methods cannot achieve the desired level of success due to the diversity in attacks. Machine learning approaches can offer more responsive and automated security solutions as they handle data more effectively. The use of machine learning-based systems for the confidentiality and integrity of data in the cloud, the availability of cloud resources, and authentication on the cloud platform have been very popular recently. These systems, often called intrusion detection systems, use comprehensive approaches to protect the information in cloud applications from attacks. In this study, a systematic literature review was conducted on cloud computing security and machine learning approaches used in this field. Based on the machine learning methods and evaluation criteria used, the datasets used and the information security concepts provided by the studies, the studies that have an impact on the literature are  discussed. It has been observed that 23 different machine learning methods and 17 different evaluation criteria are used, some of the hybrid and some independently. In total, 11 different ready-made datasets and the datasets created in eight studies were used. Finally, the studies were evaluated in terms of information security concepts such as confidentiality, integrity, availability, and authentication.

Anahtar Kelimeler

Cloud Computing Security, Machine Learning, Performance Criteria, Datasets

Kaynakça

• [1]P. Mell and T. Grance. (2011, Sep). The NIST definition of cloud computing [Online]. Available: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf.
• [2]A. B. Nassif, M. A. Talib, Q. Nasir, H. Albadani, and F. M. Dakalbab, “Machine learning for cloud security: A systematic review,” IEEE Access, vol. 9, pp. 20717–20735, 2021.
• [3]L. Alhenaki, A. Alwatban, B. Alahmri, and N. Alarifi, “Security in cloud computing: A survey,” International Journal of Computer Science and Information Security, vol. 17, pp. 67–90, 2019.
• [4]C. Modi, D. Patel, B. Borisaniya, A. Patel, and M. Rajarajan, “A survey on security issues and solutions at different layers of cloud computing,” J Supercomput, vol. 63, no. 2, pp. 561–592, 2013.
• [5]M. De Donno, A. Giaretta, N. Dragoni, A. Bucchiarone, and M. Mazzara, “Cyber-storms come from clouds: Security of cloud computing in the IoT era,” Future Internet, vol. 11, no. 6, Jun. 2019, Art. no. 127.
• [6]S. Singh, Y.-S. Jeong, and J. H. Park, “A survey on cloud computing security: Issues, threats, and solutions,” Journal of Network and Computer Applications, vol. 75, pp. 200–222, 2016.
• [7]U. A. Butt, M. Mehmood, S. B. H. Shah, R. Amin, M. W. Shaukat, S. M. Raza, D. Y. Suh, and M. J. Piran, “A review of machine learning algorithms for cloud computing security,” Electronics, vol. 9, no. 9, Sep. 2020, Art. no. 1379.
• [8]Md. T. Khorshed, A. B. M. S. Ali, and S. A. Wasimi, “A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing,” Future Generation Computer Systems, vol. 28, no. 6, pp. 833–851, 2012.
• [9]A. Patel, M. Taghavi, K. Bakhtiyari, and J. Celestino Júnior, “An intrusion detection and prevention system in cloud computing: A systematic review,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 25–41, 2013.
• [10]S. G. Kene and D. P. Theng, “A review on intrusion detection techniques for cloud computing and security challenges,” in 2nd International Conference on Electronics and Communication Systems (ICECS), 2015, pp. 227–232.
• [11]C. Modi, D. Patel, B. Borisaniya, H. Patel, A. Patel, and M. Rajarajan, “A survey of intrusion detection techniques in cloud,” Journal of Network and Computer Applications, vol. 36, no. 1, pp. 42–57, 2013.
• [12]D. Kwon, H. Kim, J. Kim, S. C. Suh, I. Kim, and K. J. Kim, “A survey of deep learning-based network anomaly detection,” Cluster Comput, vol. 22, no. 1, pp. 949–961, 2019.
• [13]S. Shamshirband, M. Fathi, A. T. Chronopoulos, A. Montieri, F. Palumbo, and A. Pescapè, “Computational intelligence intrusion detection techniques in mobile cloud computing environments: Review, taxonomy, and open research issues,” Journal of Information Security and Applications, vol. 55, Dec. 2020, Art. no. 102582
• [14]A. Abusitta, M. Bellaiche, M. Dagenais, and T. Halabi, “A deep learning approach for proactive multi-cloud cooperative intrusion detection system,” Future Generation Computer Systems, vol. 98, pp. 308–318, 2019.
• [15]E. K. Subramanian and L. Tamilselvan, “A focus on future cloud: machine learning-based cloud security,” SOCA, vol. 13, no. 3, pp. 237–249, 2019.
• [16]M. Rabbani, Y. L. Wang, R. Khoshkangini, H. Jelodar, R. Zhao, and P. Hu, “A hybrid machine learning approach for malicious behaviour detection and recognition in cloud computing,” Journal of Network and Computer Applications, vol. 151, Feb. 2020, Art. no. 102507.
• [17]S. Dey, Q. Ye, and S. Sampalli, “A machine learning based intrusion detection scheme for data fusion in mobile clouds involving heterogeneous client networks,” Information Fusion, vol. 49, pp. 205–215, 2019.
• [18]M. Aloqaily, S. Otoum, I. A. Ridhawi, and Y. Jararweh, “An intrusion detection system for connected vehicles in smart cities,” Ad Hoc Networks, vol. 90, Jul. 2019, Art. no. 101842.
• [19]M. T. Sandıkkaya, Y. Yaslan, and C. D. Özdemir, “DeMETER in clouds: detection of malicious external thread execution in runtime with machine learning in PaaS clouds,” Cluster Comput, vol. 23, no. 4, pp. 2565–2578, 2020.
• [20]A. Agarwal, A. Prasad, R. Rustogi, and S. Mishra, “Detection and mitigation of fraudulent resource consumption attacks in cloud using deep learning approach,” Journal of Information Security and Applications, vol. 56, Feb. 2021, Art. no. 102672.
• [21]S. Krishnaveni, S. Sivamohan, S. S. Sridhar, and S. Prabakaran, “Efficient feature selection and classification through ensemble method for network intrusion detection on cloud computing,” Cluster Comput, vol. 24, no. 3, pp. 1761 – 1779, 2021.
• [22]Z. Chiba, N. Abghour, K. Moussaid, A. El omri, and M. Rida, “Intelligent approach to build a deep neural network based IDS for cloud environment using combination of machine learning algorithms,” Computers & Security, vol. 86, pp. 291–317, 2019.
• [23]P. Mishra, I. Verma, and S. Gupta, “KVMInspector: KVM based introspection approach to detect malware in cloud environment,” Journal of Information Security and Applications, vol. 51, Apr. 2020, Art. no. 102460.
• [24]S. Mishra, S. Kumar Sharma, and M. A. Alowaidi, “Multilayer self-defense system to protect enterprise cloud,” Computers, Materials & Continua, vol. 66, no. 1, pp. 71–85, 2020.
• [25]D. R. Rani and G. Geethakumari, “Secure data transmission and detection of anti-forensic attacks in cloud environment using MECC and DLMNN,” Computer Communications, vol. 150, pp. 799–810, 2020.
• [26]Z. Chkirbene, A. Erbad, R. Hamila, A. Mohamed, M. Guizani, and M. Hamdi, “TIDCS: A dynamic intrusion detection and classification system based feature selection,” IEEE Access, vol. 8, pp. 95864–95877, 2020.
• [27] R. R. Karn, P. Kudva, H. Huang, S. Suneja, and I. M. Elfadel, “Cryptomining detection in container clouds using system calls and explainable machine learning,” IEEE Transactions on Parallel and Distributed Systems, vol. 32, no. 3, pp. 674–691, 2021.
• [28]D. Praveena and P. Rangarajan, “A machine learning application for reducing the security risks in hybrid cloud networks,” Multimed Tools Appl, vol. 79, no. 7–8, pp. 5161–5173, 2020.
• [29]M. Tavallaee, E. Bagheri, W. Lu, and A. A. Ghorbani, “A detailed analysis of the KDD CUP 99 data set,” IEEE Symposium on Computational Intelligence for Security and Defense Applications, 2009, pp. 1–6.
• [30]N. Moustafa and J. Slay, “UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set),” Military Communications and Information Systems Conference (MilCIS), 2015, pp. 1–6.
• [31]J. McConnell, “National training standard for information systems security (INFOSEC) professionals,” National Security Agency/Central Security Service, Fort George, G Meade Md, Jun. 20, 1994.
• [32]M. E. Whitman and H. J. Mattord, Principles of Information Security, 4th ed., Boston, MA, USA: Cengage Learning, 2012.
• [33]S. Y. Lim, M. L. Mat Kiah and T. F. Ang, “Security issues and future challenges of cloud service authentication,” APH, vol. 14, no. 2, pp. 69-89, 2017.