Network Intrusion Detection in Virtual Network Systems and Countermeasure Selection (NIDCS)
| Autor: | Mallamma C G, Meera J, Sujata Ramesh P |
|---|---|
| Rok vydání: | 2014 |
| Předmět: | |
| Zdroj: | IOSR Journal of Computer Engineering. 16:41-47 |
| ISSN: | 2278-0661 2278-8727 |
| DOI: | 10.9790/0661-16394147 |
| Popis: | Cloud computing provides shared resources to various cloud users. All the users share various computing resources e.g., being connected through the same switch, sharing the same data storage and the file systems. Hence the cloud security is the major concern in the cloud computing and has attracted lot of research activities. The most common issue with the cloud computing is the Distributed-Denial-of-Service (DDoS) attacks. The DDoS attacks involve actions such as multistep exploitation and compromising identified vulnerable virtual machines as zombies. In the Infrastructure-as-a-service (IaaS) model, the detection of zombie virtual machines is difficult as the user may install vulnerable applications in their own Virtual machines. To detect and prevent the virtual machines from becoming zombie, we propose Defense-in-depth intrusion detection framework called NIDCS, which is an attack graph based analytical model. Index Terms: Network security, cloud computing, attack graph, intrusion detection, zombie detection. I. Introduction Cloud computing presents a new way to supplement the current consumption and delivery model for IT services based on the Internet, by providing for dynamically scalable and often virtualized resources as a service over the Internet. The end user of a service running "in the cloud" is unaware of how the infrastructure is architected-it just works. The provider of that service is able to dynamically provision infrastructure to meet the current demand by leasing resources from a hosting company. The cloud provider can leverage economies of scale to provide dynamic, on-demand, infrastructure at a favorable cost.To date, there are a number of notable commercial and individual cloud computing service providers, including Amazon, Google, Microsoft, Yahoo, and Sale force. Examples of cloud services include online file storage, social networking sites, webmail, and online business applications. The cloud computing scenario is as shown in the Figure 1. Cloud computing relies on sharing of resources to achieve coherence and economies of scale, similar to a utility (like the electricity grid) over a network. At the foundation of cloud computing is the broader concept of converged infrastructure and shared services. The cloud also focuses on maximizing the effectiveness of the shared resources. Cloud |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|