Development of Reinforcement Learning and Pattern Matching (RLPM) Based Firewall for Secured Cloud Infrastructure



J. Jeya Praise (1) · R. Joshua Samuel Raj (2) · J. V. Bibal Benifa (3)

© Springer Science+Business Media, LLC, part of Springer Nature 2020

Abstract

Cloud computing infrastructure is typically intended to store and deliver sensitive data and high-performance computing resources through the internet. As the use of cloud computing has increased to a large extent because of its sophisticated services, security breaches are also growing proportionately in terms of third-party attacks. Traditional firewall rules and packet filtering methods are absolutely insufficient to mitigate modern security attacks in the cloud environment. Hence, a Deep Packet Inspection (DPI) based firewall (RLPM) is developed to block malicious attacks by validating the payload signature of arriving packets. RLPM combines Reinforcement Learning (RL) with parallel fast pattern matching, and it converges to an optimal solution at the earliest. The RL method efficiently learns the environment and processes the payload signatures in parallel. A two-way pattern matching algorithm is integrated with the RL approach to validate the signature and reach quick decisions. The performance results show that RLPM is better than the existing methods in terms of response time, throughput and malicious attack blocking. With the firewall deployed and tested in a real cloud computing environment, the response time is found to be 10% lower and the throughput about 10% higher than the existing state-of-the-art methods.

Keywords: Cloud infrastructure · Packet filtering · DPI · Signature generation · Pattern matching

* J. Jeya Praise [email protected]

1 Anna University, Chennai, India
2 Rajaas Engineering College, Nagercoil, India
3 Indian Institute of Information Technology, Kottayam, India




1 Introduction

Cloud computing is a distributed model that dispenses computing, storage and networking resources without direct administration by the end-user. The cloud computing services released to the end-user include servers, storage, databases, networking tools and software through the internet [1]. Currently, every organization intends to host its private data and specify its computing requirements in cloud infrastructures, which are conversely vulnerable to security breaches to a large extent. A security breach leads to unlawful access to sensitive data, scientific applications, computing services, and networking services by thwarting their fundamental defense mechanisms [2]. A security violation happens once an application illegally pierces a concealed or virtual IT perimeter, and it is one of the primitive points of attack by an intruder. Primarily, security breaches are caused by malware [3], Distributed Denial of Service (DDoS) [4], Phishing [5], SQL injection [6], Trojan attacks [7], cross site scrip