Cloud Security Framework: VM Features Based Intrusion Detection System
Published: 2019
Author(s) Name: Yakuta Tayyebi and D. S. Bhilare |
Author(s) Affiliation: Department of Computer Science, I.L.V.A. Commerce & Science College, Indore, Madhya Pradesh, India.
Locked
Subscribed
Available for All
Abstract
Cloud services provide resources that are accessed remotely over the network. The distributed architecture of Cloud deployed over the internet, exposes it to several network attacks. To provide a secure architecture, several frameworks using various security tools have been proposed. However, due to the dynamic nature of cloud infrastructure, newer challenges have to be addressed. Here, we propose a Multilevel Intrusion detection system using virtual machine’s feature and behaviour to provide a secure Cloud architecture. This framework deploys VM’s feature based signature intrusion detection system on each VM (instance) in the cloud. IDS are configured for every VM at the time of its launch according to the features defined by the user and updated thereafter according to the traffic pattern at that VM, by a Control unit at the host level. The framework developed works at optimal computational cost, minimum packet drop and acceptable attack detection rate. For verifying the functional validation and effectiveness of this framework, we have developed a prototype considering few known attacks signatures.
Keywords: Cloud computing, Network based intrusion detection system, Snort, Virtual machine.
View PDF