A Model for Adaptive and Distributed Intrusion Detection for Cloud Computing

Cloud computing is becoming an increasingly popular technology in which clients subscribe to resources on a pay-per-use basis. Distributed Denial of Service (DDoS) is a common form of attack that targets cloud computing. In addition, new features of cloud computing such as virtualization and virtual machine migration introduce additional challenges to cloud security: studies report that the detection accuracy of anomaly detection systems is degraded during the migration of a virtual machine from one host to another. Providing effective security is therefore paramount to the quality of service in cloud computing. A DDoS attack is carried out by compromising vulnerable hosts, which are then used to carry out a coordinated attack against a target. This paper therefore proposes a model for an adaptive and distributed IDS for cloud computing that is capable of effectively detecting coordinated attacks and of addressing the challenges that virtual machine migration introduces for cloud IDS.
