cl-CIDPS: A Cloud Computing Based Cooperative Intrusion Detection and Prevention System Framework

Cloud computing is one of today's most promising technologies due to its cost-efficiency, flexibility and scalability for computing processes. However, the complex architecture of cloud infrastructure and the different levels of users lead to special requirements, especially in the area of security. The cloud provider is responsible for providing secure, reliable and trustworthy services to its consumers. Network intrusion detection and prevention systems (IDPS) are a pioneering active security-defense mechanism that is well suited to cloud computing. Collaborative or cooperative IDS has been a hot topic for the last few years. However, previous techniques have limitations indicating that they are not sufficient to cover all security threats in clouds. The main objective of this work is to propose a cloud-based cooperative intrusion detection and prevention system (cl-CIDPS). The system makes several contributions to the area of IDPS in clouds by proposing an integrated design that covers detection, prevention and logging capabilities and applies both signature and anomaly detection mechanisms. cl-CIDPS was evaluated using a powerful network security simulator tool (NeSSi2) that is capable of testing detection units and communication schemas. NeSSi2 was extended for a cloud-based IDPS, providing a valuable simulation background that future research can use to evaluate similar proposed techniques for cloud computing infrastructure.
