TY - EJOU
AU - Fonzin, Theophile Fozin
AU - Hamadjida, Halilou Claude Bobo
AU - Kouanou, Aurelle Tchagna
AU - Monthe, Valery
AU - Mezatio, Anicet Brice
AU - Ekonde, Michael Sone
TI - Enhancing Private Cloud Based Intrusion Prevention and Detection System: An Unsupervised Machine Learning Approach
T2 - Journal of Cyber Security
PY - 2024
VL - 6
IS - 1
SN - 2579-0064
AB - Cloud computing is a transformational paradigm involving the delivery of applications and services over the Internet, using access mechanisms through microprocessors, smartphones, etc. Latency time to prevent and detect modern and complex threats remains one of the major challenges. It is then necessary to think about an intrusion prevention system (IPS) design that makes it possible to effectively meet the requirements of a cloud computing environment. From this analysis, the central question of the present study is how to minimize the latency time for efficient threat prevention and detection in the cloud. To design this IPS in a cloud computing environment, the Azure environment (Microsoft) and its concept of Virtual Private Cloud (VPC) were used. Then, an IPS design was deployed with a ruleset from a mined dataset (via K-means clustering) and processed. Finally, the correlation between the traffic analyzed (virtual network traffic in real-time, logs) and the filtering rules or ruleset of this IPS made it possible to obtain and discuss a precision rate of around 0.9 in True Positive Rate (TPR) in the prevention of Cross-Site Scripting (XSS) attacks targeting the cloud, for a latency time of approximately 6.4 ms. Subsequently, it is important to think about extending the detection capabilities, attack complexity, and high traffic consideration of this IPS.
KW - Cloud computing; IDPS; K-means clustering; cross-site scripting (XSS); machine learning
DO - 10.32604/jcs.2024.059265