Signature Based Semantic Intrusion Detection System on Cloud

Many enterprise applications now run on cloud platforms, where security is the most sensitive issue. An intrusion detection system (IDS) is used to protect virtual machines from threats. This paper proposes an application-level, signature-based semantic intrusion detection system, which concentrates on the application level to detect application-specific attacks. A packet sniffer is placed between the cloud user and the virtual cloud provider. The sniffer captures packets of various protocols and dispatches each to its corresponding parser. The parser translates a sequence of packets into protocol messages and dispatches the packet to the corresponding state machine, which consists of a message parsing grammar. The message parsing grammar analyses the messages and checks them against the semantic rules. If any signature does not match the rule base and is found to be malicious, the IDS interpreter generates an alert to the cloud provider. The signature-based semantic intrusion detection system reduces the false alarm rate, so the accuracy of the detection rate increases.
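A minimal sketch of the pipeline the abstract describes (protocol dispatch, packet-to-message parsing, grammar state machine, semantic rule check, alert), added here as an illustration and not taken from the paper. The choice of FTP, the three-state grammar, the path rule and all names are assumptions.

```python
# Constructed capture (FTP is an assumed protocol): (protocol, session id, payload fragment).
CAPTURE = [
    ("ftp", "s1", b"USER al"), ("ftp", "s1", b"ice\r\nPASS secret\r\n"),
    ("ftp", "s1", b"RETR report.txt\r\n"),
    ("ftp", "s2", b"RETR report.txt\r\n"),  # data command before login
    ("ftp", "s3", b"USER bob\r\nPASS x\r\nRETR ../../etc/passwd\r\n"),
]

class FtpParser:
    """Turns a sequence of packet payloads into complete protocol messages."""
    def __init__(self):
        self.buf = b""
    def feed(self, data):
        self.buf += data
        *lines, self.buf = self.buf.split(b"\r\n")  # keep the unfinished tail
        for line in lines:
            verb, _, arg = line.decode("ascii", "replace").partition(" ")
            yield verb.upper(), arg

class FtpStateMachine:
    """Assumed grammar (allowed verb per state) plus one semantic rule on arguments."""
    GRAMMAR = {"START": {"USER": "NEED_PASS"}, "NEED_PASS": {"PASS": "AUTHED"},
               "AUTHED": {"RETR": "AUTHED", "STOR": "AUTHED", "QUIT": "START"}}
    def __init__(self):
        self.state = "START"
    def check(self, verb, arg):
        nxt = self.GRAMMAR[self.state].get(verb)
        if nxt is None:
            return f"{verb} not allowed in state {self.state}"
        self.state = nxt
        if verb in ("RETR", "STOR") and ".." in arg.split("/"):
            return f"{verb} argument leaves the session directory"
        # falling through returns None: the message conforms to grammar and rules

HANDLERS = {"ftp": (FtpParser, FtpStateMachine)}  # protocol -> (parser, state machine)

def run_ids(capture):
    """Dispatch each payload by protocol and session; return (session, reason) alerts."""
    sessions, alerts = {}, []
    for proto, sid, payload in capture:
        if proto not in HANDLERS:
            continue  # no parser registered for this protocol
        key = (proto, sid)
        if key not in sessions:
            sessions[key] = tuple(cls() for cls in HANDLERS[proto])
        parser, machine = sessions[key]
        for verb, arg in parser.feed(payload):
            if (reason := machine.check(verb, arg)):
                alerts.append((sid, reason))
    return alerts
```

Session `s1` splits `USER alice` across two fragments, which is why the check runs on reassembled messages rather than on individual packets.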
