HIDS: A host based intrusion detection system for cloud computing environment

The paper reports a host-based intrusion detection model for the Cloud computing environment, along with its implementation and analysis. The model alerts the Cloud user to malicious activity within the system by analyzing system call traces. Rather than analyzing all system call traces, the method analyzes only a selected subset: the failed system call traces. This feature makes early detection of intrusions possible with a reduced computational burden. The reported model provides security as a service (SecaaS) in the infrastructure layer of the Cloud environment. Implementation results show 96% average intrusion detection sensitivity.
