Multi-level Intrusion Detection System and log management in Cloud Computing

Cloud Computing is a new type of service which provides large scale computing resource to each customer. Cloud Computing systems can be easily threatened by various cyber attacks, because most of Cloud Computing systems provide services to so many people who are not proven to be trustworthy. Therefore, a Cloud Computing system needs to contain some Intrusion Detection Systems(IDSs) for protecting each Virtual Machine(VM) against threats. In this case, there exists a tradeoff between the security level of the IDS and the system performance. If the IDS provide stronger security service using more rules or patterns, then it needs much more computing resources in proportion to the strength of security. So the amount of resources allocating for customers decreases. Another problem in Cloud Computing is that, huge amount of logs makes system administrators hard to analyse them. In this paper, we propose a method that enables Cloud Computing system to achieve both effectiveness of using the system resource and strength of the security service without trade-off between them.

[1]  Satoshi Matsuoka,et al.  A Model-Based Algorithm for Optimizing I/O Intensive Applications in Clouds Using VM-Based Migration , 2009, 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid.

[2]  Nils Gruschka,et al.  Attack Surfaces: A Taxonomy for Attacks on Cloud Services , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[3]  Roberto Di Pietro,et al.  Intrusion Detection Systems , 2008 .