Mobile Agents with Cryptographic Traces For Intrusion Detection in the Cloud Computing

Abstract

Cloud Computing is an internet-based computing paradigm in which dynamically scalable, virtualized shared resources are provided to customers on demand. It has become widespread thanks to concepts that boost the availability and accessibility of information on the network. However, the open nature of this technology exposes it to serious vulnerabilities, related to security flaws that arise during the interactions needed to execute required services. An Intrusion Detection System (IDS) is a stronger strategy for providing security: it monitors the data environment to detect attacks and prevent their expansion. In this paper, we propose an efficient, reliable and secure IDS based on the mobile agent paradigm and cryptographic mechanisms. In this approach, an agent can move among cloud data servers to collect data or execute services, while keeping a cryptographic trace of the actions, actors, results and data involved in the execution. Based on a chaining mechanism, these cryptographic traces, which include signed data and encrypted and hashed code statements, allow the identification of intrusions and their origins. We have implemented a cloud environment to integrate our proposed IDS, and conducted detailed experiments to evaluate its response time, network load and detection performance compared to the traditional Client/Server architecture.
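The chaining idea in the abstract can be illustrated with a small hash-chained trace. This is an added example, not the paper's scheme or code: the host names, keys, record fields and the use of HMAC in place of per-host digital signatures are all assumptions made for illustration.

```python
import hashlib, hmac, json

# Constructed per-host keys (assumption). HMAC stands in for the signatures
# the abstract mentions, so the verifier here must hold every host key.
HOST_KEYS = {"srv-a": b"key-a", "srv-b": b"key-b", "srv-c": b"key-c"}
GENESIS = "0" * 64
CODE = "SELECT count(*) FROM audit_log"   # constructed agent code statement

def sha(data):
    return hashlib.sha256(data).hexdigest()

def digest(obj):
    return sha(json.dumps(obj, sort_keys=True).encode())

def host_tag(host, body):
    return hmac.new(HOST_KEYS[host], digest(body).encode(), hashlib.sha256).hexdigest()

def append_trace(trace, host, code, result):
    """Record one hop: hashed code, result, link to the previous entry, host tag."""
    body = {"host": host, "code_hash": sha(code.encode()), "result": result,
            "prev": digest(trace[-1]) if trace else GENESIS}
    trace.append({**body, "tag": host_tag(host, body)})
    return trace

def verify_trace(trace, expected_code):
    """Return None if the chain is intact, else (index, host, reason) of the first bad hop."""
    prev = GENESIS
    for i, entry in enumerate(trace):
        host = entry["host"]
        body = {k: entry[k] for k in ("host", "code_hash", "result", "prev")}
        if host not in HOST_KEYS:
            return (i, host, "unknown host")
        if not hmac.compare_digest(host_tag(host, body), entry["tag"]):
            return (i, host, "bad tag")          # entry altered after it was tagged
        if entry["prev"] != prev:
            return (i, host, "broken chain")     # a hop was removed or reordered
        if entry["code_hash"] != sha(expected_code.encode()):
            return (i, host, "code modified")    # host ran something other than dispatched code
        prev = digest(entry)
    return None

def build_sample(code=CODE):
    trace = []
    for host, result in (("srv-a", 12), ("srv-b", 7), ("srv-c", 31)):
        append_trace(trace, host, code, result)
    return trace

if __name__ == "__main__":
    t = build_sample()
    t[1]["result"] = 0                           # constructed tampering of one hop
    print(verify_trace(t, CODE))
```

The verifier reports the first hop at which the trace stops being consistent, which is how a chained trace narrows an intrusion down to its origin.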