
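% Journal article: unsupervised-ML (K-means) ruleset for a cloud IPS/IDS, evaluated on XSS traffic.
% Author names are separated with " and "; a comma-separated list is not parsed as six names by BibTeX.
% NOTE(review): names are kept in given-name-first order as exported; compound surnames
% (e.g. "Fozin Fonzin", "Tchagna Kouanou") may need the "Last, First" form -- confirm against the paper.
% The abstract text is kept verbatim from the publisher export.
@Article{jcs.2024.059265,
AUTHOR = {Theophile Fozin Fonzin and Halilou Claude Bobo Hamadjida and Aurelle Tchagna Kouanou and Valery Monthe and Anicet Brice Mezatio and Michael Sone Ekonde},
TITLE = {Enhancing Private Cloud Based Intrusion Prevention and Detection System: An Unsupervised Machine Learning Approach},
JOURNAL = {Journal of Cyber Security},
VOLUME = {6},
YEAR = {2024},
NUMBER = {1},
PAGES = {155--177},
URL = {http://www.techscience.com/JCS/v6n1/59273},
ISSN = {2579-0064},
ABSTRACT = {Cloud computing is a transformational paradigm involving the delivery of applications and services over the Internet, using access mechanisms through microprocessors, smartphones, etc. Latency time to prevent and detect modern and complex threats remains one of the major challenges. It is then necessary to think about an intrusion prevention system (IPS) design, making it possible to effectively meet the requirements of a cloud computing environment. From this analysis, the central question of the present study is to minimize the latency time for efficient threat prevention and detection in the cloud. To design this IPS design in a cloud computing environment, Azure environment (Microsoft) and its concept of Virtual Private Cloud (VPC) were used. Then, an IPS design was deployed with a ruleset from a mined dataset (via K-means clustering) and processed. Finally, the correlation between the traffic analyzed (virtual network traffic in real-time, logs) and the filtering rules or ruleset of this IPS made it possible to obtain and discuss on a precision rate of around 0.9 in True Positive Rate (TPR) in the prevention Cross-Site Scripting (XSS) attacks targeting the cloud, for a latent time of approximately 6.4 ms. Subsequently, it is important to think about extending the detection capabilities, attack complexity, and high traffic consideration of this IPS.},
DOI = {10.32604/jcs.2024.059265}
}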



