A collaborative Network Intrusion Detection System (C-NIDS) in Cloud Computing. | [International Journal of Communication Networks and Information Security • 2016]

Author(s):

1. ZayedAl Haddad: Laboratory of Information Technology and Modeling, Faculty of Sciences Ben M'sik, Hassan II University of Casablanca, Morocco

2. Mostafa Hanoune: Laboratory of Information Technology and Modeling, Faculty of Sciences Ben M'sik, Hassan II University of Casablanca, Morocco

3. Abdelaziz Mamouni: Laboratory of Information Technology and Modeling, Faculty of Sciences Ben M'sik, Hassan II University of Casablanca, Morocco

Abstract:

In recent years, Cloud computing has emerged as a new paradigm for delivering highly scalable and on-demand shared pool IT resources such as networks, servers, storage, applications and services through internet. It enables IT managers to provision services to users faster and in a cost-effective way. As a result, this technology is used by an increasing number of end users. On the other hand, existing security deficiencies and vulnerabilities of underlying technologies can leave an open door for intruders. Indeed, one of the major security issues in Cloud is to protect against distributed attacks and other malicious activities on the network that can affect confidentiality, availability and integrity of Cloud resources. In order to solve these problems, we propose a Collaborative Network Intrusion Detection System (C-NIDS) to detect network attacks in Cloud by monitoring network traffic, while offering high accuracy by addressing newer challenges, namely, intrusion detection in virtual network, monitoring high traffic, scalability and resistance capability. In our NIDS framework, we use Snort as a signature based detection to detect known attacks, while for detecting network anomaly; we use Support Vector Machine (SVM). Moreover, in this framework, the NIDS sensors deployed in Cloud operate in collaborative way to oppose the coordinated attacks against cloud infrastructure and knowledge base remains up-to-date.

Page(s): 130-135

DOI: DOI not available

Published: Journal: International Journal of Communication Networks and Information Security, Volume: 8, Issue: 3, Year: 2016

Keywords:

Cloud Computing , Security , NIDS , Virtual infrastructure , Cloud based IDS

References:

[1] A. M.Lonea,D. E.Popescu,H.Tianfield, 2013.Detecting DDoS attacks in cloud computing environment”,International Journal of Computers Communications & Control 8 70 -78

[2] M.Peter, 2011.The NIST Definition of Cloud Computing”, National Institute of Standards and Technology,Sep 145 -

[3] H.Wu,Y.Ding,C.Winer, 2010.Network security for virtual machine in cloud computing”,5th International Conference on Computer Sciences and Convergence Information Technology (ICCIT) 18 -21

[4] N.Jeyanthi,N. C. S.Iyengar, 2012.Packet Resonance Strategy: A Spoof Attack Detection and Prevention Mechanism in Cloud Computing Environment”, 3 163 -173

[5] C. N.Modi,K.Acha, 2016.Virtualization layer security challenges and intrusion detection/prevention systems in cloud computing: a comprehensive review”,The Journal of Supercomputing -

[6] lockheedMartin, 2010.,Apr -

[7] C.Modi,D.Patel, 2013.A Novel hybrid-Network Intrusion Detection System (H-NIDS) in Cloud Computing”,the IEEE Symposium Computational Intelligence in Cyber Security (CICS) 23 -30

[8] J. D.Araújo,Z.Abdelouahab, 2015.EICIDS-elastic and internal cloud-based detection system”,International Journal of Communication Networks and Information Security (IJCNIS) 7 34 -

[9] N.Jeyanthi,N. C. S.Iyengar,P. M.Kumar,A.Kannammal, 2013.An enhanced entropy approach to detect and prevent DDoS in cloud environment”,International Journal of Communication Networks and Information Security(IJCNIS). 5 110 -

[10] J. H.Song,G.Zhao,and J. Y.Song, 2013.Model Optimization of Multiclass SVM for NIDS”,Applied Mechanics and Materials 347 3696 -3701

[11] D. S.Kim,J. S.Park,ChejuIsland, 2003.Network-based intrusion detection with support vector machines”, 747 -756

[12] K.Vieira,A.Schulter,C.Westphall,C.Westphall, 2010.Intrusion detection for grid and cloud computing”,IT Professional Magazine 12 38 -43

[13] U.Tupakula,V.Varadharajan,N.Akku,SecureComputing, 2011.Intrusion Detection Techniques for Infrastructure as a Service Cloud”, 744 -751

[14] H. A.Kholidy,F.Baiardi, 2012.CIDS: A Framework for Intrusion Detection in Cloud Systems”,Ninth International Conference on Information Technology - New Generations, Las Vegas-NV 379 -385

[15] I.Gul,M.Hussain, 2011.Distributed cloud intrusion detection model”,International Journal of Advanced Science and Technology 34 71 -82

[16] S. N.Dhage,B. B.Meshram,R.Rawat, 2011.Intrusion Detection System in Cloud Computing Environment”,the International Conference & Workshop on Emerging Trends in Technology ICWET '11 235 -239

[17] F.Idress,R.Muttukrishnan, 2013.Framework for Distributed and Self-healing Hybrid Intrusion Detection and Prevention System”,the International Conference on ICT Convergence (ICTC) 277 -282

[18] C.Modi,D.Patel,R.Muttukrishnan,A.Patel, 2012.Bayesian Classifier and Snort based Network Intrusion Detection System in Cloud Computing”,Coimbatore-India 1 -7

[19] S.Dinesh,P.Dhiren,B.Bhavesh,M.Chirag, 2015.Collaborative IDS Framework for Cloud”,International Journal of Network Security 18 99 -709

[20] Z.Al-Mousa,Q.Nasir,R.Doss,S.Piramuthu, 2015.cl-CIDPS: A Cloud Computing Based Cooperative Intrusion Detection and Prevention System Framework”,Future Network Systems and Security 523 181 -194

[21] C. N.Modi,D. R.Patel,A.Patel,M.Rajarajan, 2012.Integrating Signature Apriori based Network Intrusion Detection System (NIDS) in Cloud Computing”, Procedia Technology, 6 905 -912

[22] C.C Lo , C., 2008.Cooperative Intrusion Detection System Framework for Cloud Computing”,IEEE International Conference on Ubi-Media Computing 280 -284

[23] S.Ram, 2012.Secure Cloud computing based on mutual intrusion detection system”,International journal of computer application 2 57 -67

[24] C.Mazzariello,R.Bifulco,R.Canonico, 2010.Integrating a network ids into an open source cloud computing environment”,Atlanta-GA 265 -270

[25] S.Roschke, 2009.An Extensible and Virtualization-Compatible IDS Management Architecture”,Xi'an 130 -134

Citations

Downloads

Views