Securing Infrastructure-as-a-Service Public Clouds Using Security Onion

The shift to cloud computing has brought its own security challenges concerning loss of control, trust and multi-tenancy, especially in the Infrastructure-as-a-Service (IaaS) cloud model. This article focuses on the design and development of an intrusion detection system (IDS) that can handle security challenges in the IaaS cloud model using an open source IDS. We have implemented a proof-of-concept prototype on the most deployed hypervisor, VMware ESXi, and performed various real-world cyber-attacks, such as port scanning and denial of service (DoS) attacks, to validate the practicality and effectiveness of our proposed IDS architecture. Based on our experimental results, we found that our Security Onion-based IDS can provide the required protection in a reasonable and effective manner.
