Proxy Network Intrusion Detection System for cloud computing

Cloud computing is the state-of-the-art approach in information technology. When migrating from conventional data centers to the cloud computing paradigm, administrators have to consider costs. Security is one of the biggest problems for all information technologies, cloud computing included. Mechanisms such as antivirus software, firewalls, guard systems, and intrusion detection/prevention systems are used to increase system security. The main handicap of these mechanisms is their extensive use of hardware, especially CPU and memory. In this paper, we examine the hardware usage of Network Intrusion Detection Systems (NIDSs) under different network architectures. Although virtualization is preferred by most providers, we chose a virtualized environment as our test bed because it is easier to implement than other cloud technologies such as grid and blade architectures. We focused on a proxy NIDS architecture, a gateway-based approach (the intrusion detection task is carried out by an outer entity, which is why we call it a proxy) that has lower hardware requirements than other positioning options. The aim is to show an effective location for IDSs in a virtualized environment. As a result, both providers and customers can easily decide where to locate their defense mechanisms.
