Host-based Implementation of NICE-A in Cloud Computing's Virtual Network

To ride the tide of change which is inevitable, innovations are necessary. By using the concept of virtualization most of enterprises are trying to reduce their computing cost. This demand of reducing the computing cost has led to the innovation of Cloud Computing. Nowadays organizations recognized cloud for it different attractive property such as economically attractive and use it to host their services. So that their services available easily and economically to their users. But also many organization put security in their top concern before adopting the cloud service. One of the most significant problem that associated with cloud computing is cloud security that drawn a lot of analysis and research within past few years. Inside the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the actual prognosis associated with zombie exploration problems is exceedingly hard. This is because cloud users might deploy somewhat insecure purposes on the exclusive products. NICE is a Network Intrusion detection and Countermeasure selection in virtual network systems (NICE) design to establish an intrusion detection framework which is defense-in-depth in nature. Into the intrusion detection processes an attack graph analytical procedures is incorporated by NICE for better attack detection. In this paper we proposed to implement NICE-A as a host based agent instead network based so the data delivery time between sender and intended destination is saved as NICE-A is implemented in destination (which is cloud server in our case) and for large amount of data this definitely shows improvement in computation time. Moreover as NICE-A is implemented as host based so CPU utilization is also improved.

[1]  Gabriel Antoniu,et al.  Managing Data Access on Clouds: A Generic Framework for Enforcing Security Policies , 2011, 2011 IEEE International Conference on Advanced Information Networking and Applications.

[2]  Smith Jones,et al.  EFFECTIVE ALGORITHMIC APPROACH FOR CLOUD SECURITY BASED ON HASH CRYPTOGRAPHY , 2014 .

[3]  Subhajyoti Bandyopadhyay,et al.  Cloud computing - The business perspective , 2011, Decis. Support Syst..

[4]  Chih-Hung Lin,et al.  Efficient and effective NIDS for cloud virtualization environment , 2012, 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings.

[5]  Dijiang Huang,et al.  NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems , 2013, IEEE Transactions on Dependable and Secure Computing.

[6]  Ang Li,et al.  Fast Anomaly Detection for Large Data Centers , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[7]  Rajesh Kumar Tiwari,et al.  A Comprehensive Study on Cloud Computing , 2012 .

[8]  B. R. Madhu,et al.  Data mining based CIDS: Cloud intrusion detection system for masquerade attacks [DCIDSM] , 2013, 2013 Fourth International Conference on Computing, Communications and Networking Technologies (ICCCNT).

[9]  Miguel Correia,et al.  Anomaly-based intrusion detection in software as a service , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[10]  Saman A. Zonouz,et al.  A cloud-based intrusion detection and response system for mobile phones , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).

[11]  Sherif Abdelwahed,et al.  HA-CIDS: A Hierarchical and Autonomous IDS for Cloud Systems , 2013, 2013 Fifth International Conference on Computational Intelligence, Communication Systems and Networks.

[12]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[13]  Bao Rong Chang,et al.  Evaluation of Virtual Machine Performance and Virtualized Consolidation Ratio in Cloud Computing System , 2013, J. Inf. Hiding Multim. Signal Process..

[14]  J. Thangakumar,et al.  A cloud-based intrusion detection system for Android smartphones , 2012, 2012 International Conference on Radar, Communication and Computing (ICRCC).

[15]  Roberto Bifulco,et al.  Integrating a network IDS into an open source Cloud Computing environment , 2010, 2010 Sixth International Conference on Information Assurance and Security.

[16]  Dijiang Huang,et al.  Non-intrusive process-based monitoring system to mitigate and prevent VM vulnerability explorations , 2013, 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing.

[17]  S. Nirmal A Survey on Cloud Computing Threats , 2015 .

[18]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[19]  Philip Tavel,et al.  Modeling and Simulation Design , 2011 .

[20]  Fernando C. Colón Osorio,et al.  Measuring the effectiveness of modern security products to detect and contain emerging threats — A consensus-based approach , 2013, 2013 8th International Conference on Malicious and Unwanted Software: "The Americas" (MALWARE).