论文信息 - A Hybrid Intrusion Detection System for Cloud Computing Environments

A Hybrid Intrusion Detection System for Cloud Computing Environments

This article presents a model to protect the cloud by providing a hybrid solution based on the distribution of intrusion detectors and the centralization of alerts for management purposes. The purpose of our approach is to protect the most important layers of the cloud using intrusion detection systems. Each layer (e.g network layer, application layer,...) has its properties that makes it different from other layers. This leads us to use specific intrusion detectors for each layer. The proposed detection model is segmented to two zones. The first zone is equipped with signature-based detectors, and the second zone is equipped with anomaly-based detectors. In the first zone we target previously known attacks, in the second zone we seek to discover previously unknown malicious events on the application layer. This article shows that it is possible to fully protect the cloud by using both signature and anomaly based detection using open source software, and provides the cloud service provider with a complete model to protect, monitor and manage the cloud by visualizing and correlating logs and alerts.

[1] Vikas Mishra,et al. Intrusion Detection System with Snort in Cloud Computing: Advanced IDS , 2016 .

[2] Kamel Adi,et al. A Data Classification Method for Inconsistency and Incompleteness Detection in Access Control Policy Sets , 2016, International Journal of Information Security.

[3] Firkhan Ali Bin Hamid Ali,et al. Development of host based intrusion detection system for log files , 2011, 2011 IEEE Symposium on Business, Engineering and Industrial Applications (ISBEIA).

[4] P. Sathya,et al. Signature Based Semantic Intrusion Detection System on Cloud , 2015 .

[5] Partha Ghosh,et al. An Efficient Cloud Network Intrusion Detection System , 2015 .

[6] Qassim Nasir,et al. cl-CIDPS: A Cloud Computing Based Cooperative Intrusion Detection and Prevention System Framework , 2015, FNSS.

[7] Salvatore J. Stolfo,et al. Cross-Domain Collaborative Anomaly Detection: So Far Yet So Close , 2011, RAID.

[8] Carsten Willems,et al. Automated Identification of Cryptographic Primitives in Binary Programs , 2011, RAID.

[9] Min Dai,et al. A Security-Awareness Virtual Machine Management Scheme Based on Chinese Wall Policy in Cloud Computing , 2014, TheScientificWorldJournal.