A Cloud Based Network Intrusion Detection System

Along with the development of intrusion detection systems so far, remarkable results have been achieved in aspects of dynamic monitoring and network defense. However, regarding the ever-increasing volume of network detection data, the limited data processing capacity of intrusion detection systems impedes its pace of development and meanwhile restrains the effectiveness and timeliness of detection of the system. However, the application of cloud computing with its powerful computing capacity in intrusion detection systems can solve this bottleneck problem. Therefore, on the basis of cloud computing, this paper conducts design analysis of the network intrusion detection system and carries out empirical study with reference to the 10% training datasets of KDDCup99 of Lincoln Laboratory. Results show that the cloud computing based network intrusion detection system can effectively detect four types of mainstream attacks, namely Probe, DoS, U2R and R2L, with detection rates all above 94%, the highest false alarm rate being only 4.32% and the longest detection duration being only 50 s, which verifies the feasibility of system detection.