Impregnable Defence Architecture using Dynamic Correlation-based Graded Intrusion Detection System for Cloud

Data security and privacy are perennial concerns in cloud migration, whether for applications, business or customers. This paper presents a novel security architecture for the cloud environment, designed with intrusion detection and prevention system (IDPS) components as a graded multi-tier defense framework. It is a defensive formation of collaborative IDPS components, with dynamically revolving alert data, placed in multiple tiers of virtual local area networks (VLANs). The model makes two significant contributions toward impregnable protection: the first is to reduce alert generation delay through dynamic correlation, and the second is to support supervised learning of malware detection through system call analysis. The defence formation facilitates malware detection with the linear support vector machine-stochastic gradient descent (SVM-SGD) statistical algorithm. It requires little computational effort to counter distributed, coordinated attacks efficiently. The framework design is then assessed using a distributed port scan attack as an example, and its efficiency in terms of reduction in alert generation delay, the number of false positives and learning time is discussed through comparison with existing techniques.
