Preview

A Cooperate Intrusion Detection System Framework for Cloud Computing Networks

Best Essays
Open Document
Open Document
3310 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
A Cooperate Intrusion Detection System Framework for Cloud Computing Networks
2010 39th International Conference on Parallel Processing Workshops

A Cooperative Intrusion Detection System Framework for Cloud Computing Networks

Chi-Chun Lo
Institute of Information Management National Chiao Tung University Hsinchu, Taiwan cclo@faculty.nctu.edu.tw

Chun-Chieh Huang
Institute of Information Management National Chiao Tung University Hsinchu, Taiwan chuchieh.iim91g@nctu.edu.tw

Joy Ku
Institute of Information Management National Chiao Tung University Hsinchu, Taiwan joyku@iim.nctu.edu.tw

Abstract—Cloud computing provides a framework for supporting end users easily attaching powerful services and applications through Internet. To provide secure and reliable services in cloud computing environment is an important issue. One of the security issues is how to reduce the impact of denialof-service (DoS) attack or distributed denial-of-service (DDoS) in this environment. To counter these kinds of attacks, a framework of cooperative intrusion detection system (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks. To provide such ability, IDSs in the cloud computing regions exchange their alerts with each other. In the system, each of IDSs has a cooperative agent used to compute and determine whether to accept the alerts sent from other IDSs or not. By this way, IDSs could avoid the same type of attack happening. The implementation results indicate that the proposed system could resist DoS attack. Moreover, by comparison, the proposed cooperative IDS system only increases little computation effort compared with pure Snort based IDS but prevents the system from single point of failure attack. Keywords-cloud computing; denial-of-service attack; distributed denial-of-service attack; cooperative intrusion detection system

I.

INTRODUCTION

Cloud computing has evolved through a number of implementations. Moving data into the cloud provides great convenience to users. Cloud computing is a collection of all


References: Figure. 3 Simulation results [1] [2] B.R. Kandukuri, R. Paturi V, and A. Rakshit, “Cloud Security Issues,” 2009 IEEE International Conference on Services Computing, Sep. 21-25, 2009, Bangalore, India, pp. 517-520. D. Curry and H.Debar, “Intrusion Detection Message Exchange Format Data Model and Extensible Markup Language (XML) 283 288 Document Type Definition,” draft-ietf-idwg-idmef-xml-06.txt, Feb. 2002. [3] D.J. Ragsdale, C.A. Carver, Jr. J.W. Humphries, U.W. Pooch, “Adaptation techniques for intrusion detection and intrusion response systems,” 2000 IEEE International Conference on Systems, Man, and Cybernetics, Vol.4 , 8-11 Oct. 2000 p.2344-p.2349. [4] E.H, Spafford and D. Zamboni, “Intrusion Detection Using Autonomous Agent,” Computer Networks, vol.34, issue 4, 2000, pp.547-570. [5] G. Carl, G. Kesidis, R.R, Brooks, and S. Rai, “Denial-of-serive attack-detection techniques,” IEEE Transaction on Internet Computing, Vol.10, issue 1, 2006, pp.82-89. [6] J. Haggerty, S. Qi, and M. Merabti, “Early detection and prevention of denial-of-service attacks: a novel mechanism with propagated traced-back attack blocking,” IEEE Journal on Selected Areas in Communications, Vol.23, Issue 10, Oct.2005, pp.1994-2002. [7] L.J. Zhang and Qun Zhou, “CCOA: Cloud Computing Open Architecture,” 2009 IEEE International Conference on Web Services, July 6-10, 2009, Los Angeles, CA, USA, pp. 607-616. [8] M.H., Islam, K. Nadeem, S.A., Khan, “Efficient placement of sensors for detection against distributed denial of service attack,” International Conference on Innovations in Information Technology, 2008, 16-18 Dec. 2008, pp.653-657. [9] R. Martin, “Snort – Light Weight Intrusion Detection for Networks,” http://www.snort.org. [10] S. Cheung, R. Crawford, and M. Dilger et al., “The Design of GrIDS: A Graph-Based Intrusion Detection System,” Technical Report CSE99-2, U.C. Davis Computer Science Department, January 1999. [11] S.R. Snapp, J. Brentano, G.V. Dias, T.L. Goan, T. Grance, L.T. Heberlein, C.L. Ho, K.N. Levitt, B. Mukherjee, D.L. Mansur, K.L. Pon, and S.E. Smaha, “A system for distributed intrusion detection,” Compcon Spring’91, Feb-March 1991, pp.170-176. 284 289
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Satisfactory Essays

    IS3230 Lab 5 Chris Wiginton
    • 1152 Words
    • 4 Pages

    IS3230 Lab 5 Chris Wiginton

    c) Logical IDS: Network and workstation mechanisms that monitors network traffic and provide real-time alarms for network-based attacks Service Network.…

    • 1152 Words
    • 4 Pages
    Satisfactory Essays
    Read More
  • Better Essays

    Best Practices Guide Lot2 Task 2 Essay Example
    • 1279 Words
    • 6 Pages

    Best Practices Guide Lot2 Task 2 Essay Example

    This guide is meant to describe best practices for the detection and prevention of denial of service attacks, such as the event that recently occurred at the university. It was determined that based on current security guidelines and current controls in place, the university was still severely vulnerable from an internal aspect and all identified gaps need to be addressed and resolved. Each control described below will provide a more in depth look at the overall strategy of how a network should be protected but still allow for the functionality that is required to maintain normal operations.…

    • 1279 Words
    • 6 Pages
    Better Essays
    Read More
  • Powerful Essays

    Riordan Security Issues
    • 1371 Words
    • 6 Pages

    Riordan Security Issues

    Shaw, R. (2009). Intrusion prevention systems market trends. Faulkner Information Services. Retrieved September 22, 2009, from…

    • 1371 Words
    • 6 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    Unit 1 Assignment 1 Signature Based Techniques
    • 111 Words
    • 1 Page

    Unit 1 Assignment 1 Signature Based Techniques

    The signature based technique is easier for deployment, since it does not need to learn the environment[5]. It is very effective against known attacks, but it cannot detect new intrusions until it is updated with the new signatures on its database.Therefore, they are easy to evade and can be easily bypassed by intruders by modifying known attack signatures and also target systems, that are not updated with new signatures that detect the modification. The architecture shown in Fig.1, uses the preprocessing to evaluate the signature and compare those signatures to the known signatures in the database. If there is a match then alert is issued, else the detection system does…

    • 111 Words
    • 1 Page
    Satisfactory Essays
    Read More
  • Better Essays

    NTC411 Week 5 Security Solutions
    • 890 Words
    • 4 Pages

    NTC411 Week 5 Security Solutions

    Hardware can be used to protect the network from outside threats. Intrusion detection systems (IDS) automate detection of threats and attack through traffic analysis. Cisco’s IDS “delivers a comprehensive, pervasive security solution for combating unauthorized intrusions, malicious Internet worms, along with bandwidth and e-Business application attacks” (Cisco Systems, 2007, Cisco Intrusion Detection). They take this one-step further with an intrusion prevention systems (IPS). IPS shifts the focus on the attacker, not the attack itself, by increasing the accuracy of threat prevention through global threat analysis (Cisco Systems, 2012, Intrusion Prevention System with Global Correlation). The Cisco Adaptive Security Appliances (ASA) “combines the industry 's most deployed stateful inspection firewall with…

    • 890 Words
    • 4 Pages
    Better Essays
    Read More
  • Better Essays

    Cmgt 441 - Week 2 Individual
    • 1626 Words
    • 7 Pages

    Cmgt 441 - Week 2 Individual

    Cloud computing is a fast growing information technology trend that many companies including Google, Microsoft, and IBM are currently looking to get a stake in as demand for the service grows. Cloud computing is the concept of allowing both individuals and businesses to store data and applications on remote servers (owned and operated by a third party company), rather than on their own hard drives and data centers. The service boasts the ability to securely access data and applications from just about any device with an internet connection, allowing for such services as streaming music from a personal collection from multiple devices, and even to business development and storage of applications on remote servers. For the past few years, cloud computing has quickly grown in popularity, and as such, has come with its own set of risks and security concerns. As use of this service grows by both consumers and businesses, it will no doubt continue to attract the attention of hackers and cyber criminals, as it offers a central repository of data that can contain everything from financial statements, to company intellectual property. On 7/11/2011, eweek.com posted an article called “Cloud Computing Security: 10 Ways to Enforce It”, which attempts to give several suggestions on the best way to ensure that cloud computing is as safe as it is convenient.…

    • 1626 Words
    • 7 Pages
    Better Essays
    Read More
  • Satisfactory Essays

    NT2580
    • 526 Words
    • 5 Pages

    NT2580

    NT2580 Introduction to Information Security Unit 2 Application of Security Countermeasures to Mitigate Malicious Attacks © ITT Educational Services, Inc. All rights reserved. Learning Objective Describe how malicious attacks, threats, and vulnerabilities impact an IT infrastructure. NT2580…

    • 526 Words
    • 5 Pages
    Satisfactory Essays
    Read More
  • Better Essays

    Cis 500- Cloud Computing
    • 1078 Words
    • 5 Pages

    Cis 500- Cloud Computing

    Technology has taken great leaps of advancement. Some of the new technology that companies and consumers are taking advantage of to store and process data is cloud computing. Cloud computing was derived from virtualization. Virtualization allows companies to separate business applications from hardware. Doing this gives the company the capability of assigning applications as needed. The option to manage applications is a great benefit to companies. Resulting from the virtualization error, cloud computing has emerged to provide flexible IT infrastructures. This has not only enhanced the options companies now have, but it is also proven to be more cost efficient. This has increasingly become a preferred method of companies and consumers alike. (Turban, & Volonino, 2011, p.47)…

    • 1078 Words
    • 5 Pages
    Better Essays
    Read More
  • Powerful Essays

    ISP Survey
    • 1455 Words
    • 5 Pages

    ISP Survey

    References: Cichonski, P., Millar, T., Grance, T., Scarfone, K. (2012). NIST SP 800-61: Computer Security Incident Handling Guide. National Institute of Standards and Technology. Rev. 2. Retrieved from National Institute of Standards and Technology.…

    • 1455 Words
    • 5 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Modern Cryptographic Protocols in Fixed and Mobile Communication.
    • 2890 Words
    • 12 Pages

    Modern Cryptographic Protocols in Fixed and Mobile Communication.

    Kak, A. (2012). Lecture notes on “computer and network security”. (Lecture Notes, Purdue University Retrieved from https://engineering.purdue.edu/kak/compsec/NewLectures/Lecture20.pdf…

    • 2890 Words
    • 12 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Cloud Security Report
    • 9993 Words
    • 40 Pages

    Cloud Security Report

    [31] Badger, L., Grance, T., Patt-Comer, R., Voas, J. (2012) ‘Cloud Computing Synopsis and Recommendations: Recommendations of the National Institute of Standards and Technology’ NIST Special Publication.…

    • 9993 Words
    • 40 Pages
    Powerful Essays
    Read More
  • Good Essays

    IPremier Website Case Study
    • 821 Words
    • 3 Pages

    IPremier Website Case Study

    At approximately 4:30 a.m. on January 12, 2009, iPremier’s website suffered a Distributed Denial of Service (DDoS) attack. A DDoS attack is a method used by mischievous hackers to force a computer resource to stop responding to legitimate users. The hacker achieves this by taking control of a fleet of remote computers, often referred to as “zombies”, in order to send a flood of network traffic to a specific target, in this case, iPremier’s website. The website quickly becomes so overwhelmed dealing with the attacker’s traffic that it essentially locks up, preventing users from accessing the site. (1) After discussing the attack with Bob Turley, CIO, and the IT department, it’s apparent that the website was not prepared for such an attack, as users couldn’t enter the website for approximately one hour and sixteen minutes. Management of iPremier must adjust the company’s IT protocol if the company is to prevent further cyber attacks. In order to accomplish a more secure data system, we suggest management hire a well-known IT specialist to evaluate the situation and give professional advice on how to implement a strong defense. We also advise management to dissolve iPremier’s relationship with Qdata and establish a search team to find a new top notch IT service provider.…

    • 821 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Riordan Sr-Rm-013
    • 722 Words
    • 3 Pages

    Riordan Sr-Rm-013

    Sommer, R. (2009, July). An architecture for exploiting multi-core processors to parallelize network intrusion prevention..Concurrency & Computation: Practice & Experience, 21(10)…

    • 722 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Cmgt 400 Common Information Security Research Paper
    • 1058 Words
    • 5 Pages

    Cmgt 400 Common Information Security Research Paper

    Hostile users send a flood of fake requests to a server, overwhelming it and making a connection between the server and legitimate clients difficult or impossible to establish. The distributed denial of service (DDoS) allows the hacker to launch a massive, coordinated attack from thousands of hijacked (zombie) computers remotely controlled by the hacker. A massive DDoS attack can paralyze a network system and bring down giant websites. For example, the 2000 DDoS attacks brought down websites such as Yahoo! and eBay for hours. Unfortunately, any computer system can be a hacker’s target as long as it is connected to the Internet. DoS attacks can result in significant server downtime and financial loss for many companies, but the controls to mitigate the risk are very technical. Companies should evaluate their potential exposure to DoS attacks and determine the extent of control or protection they can afford Lin, P. (2006,…

    • 1058 Words
    • 5 Pages
    Good Essays
    Read More
  • Powerful Essays

    AI in cyber Defense
    • 2430 Words
    • 9 Pages

    AI in cyber Defense

    Cyber security is a multidisciplinary field that is targeted on reduction of risks to the secrecy, affinity and integrity of data, information and resources in computer as well as in network systems. Modern systems have become much complex. Need for an intelligent, adaptive and multimodal solution raises here for which best suited approach is artificial…

    • 2430 Words
    • 9 Pages
    Powerful Essays
    Read More

Related Topics