An enhanced intrusion detection framework for securing network layer of cloud computing

Virtualization is a key enabler of Cloud computing. Because current implementations of virtualization contain numerous vulnerabilities, security is the major concern of Cloud computing. In this paper, we propose an enhanced security framework to detect intrusions at the virtual network layer of the Cloud. It combines signature-based and anomaly-based techniques to detect possible attacks. It uses several classifiers, viz. naive Bayes, decision tree, random forest, extra trees and linear discriminant analysis, for efficient and effective detection of intrusions. To detect distributed attacks at each cluster and across the whole Cloud, it collects intrusion evidence from each region of the Cloud and applies Dempster-Shafer theory (DST) for final decision making. We analyze the proposed security framework in terms of Cloud IDS requirements through offline simulation using different intrusion datasets.
