One of the major security issues in Cloud computing is to detect malicious activities at the network layer. In this paper, we propose a framework integrating network intrusion detection system (NIDS) in the Cloud. Our...
详细信息
One of the major security issues in Cloud computing is to detect malicious activities at the network layer. In this paper, we propose a framework integrating network intrusion detection system (NIDS) in the Cloud. Our NIDS module consists of Snort and signature apriori algorithm. It generates new rules from captured packets. These new rules are appended in the Snort configuration file to improve efficiency of Snort. It aims to detect known attacks and derivative of known attacks in Cloud by monitoring network traffic, while ensuring low false positive rate with reasonable computational cost. We also recommend the positioning of NIDS in Cloud. We present experimental setup and discuss the design goals expected from proposed framework.
Cloud Computing has emerged as a model to process large volumetric data. Though Cloud Computing is very popular, cloud security could delay its adoption. Security of the cloud must provide data confidentiality and pro...
详细信息
ISBN:
(纸本)9781467359405
Cloud Computing has emerged as a model to process large volumetric data. Though Cloud Computing is very popular, cloud security could delay its adoption. Security of the cloud must provide data confidentiality and protection of resources. The security of Cloud Computing extends the physical security which securing equipment constituting the Cloud architecture, data security must ensure that the service to the client, and network security which plays an important role in ensuring service and reliable protection against attacks and intrusions. At this level, security systems operating in traditional networks are also used in the new model to strengthen its network security. In this work, we propose a collaborative model consists of the Intrusion Detection and Prevention System functions based distributed IDS and IPS, with the use of a hybrid detection technique for addressing the problems of attacks encountered, specifically distributed attacks such as port scanning attacks and distributed internally established within a Cloud Computing environment by users entitled to access, including the integration of the signature apriori algorithm for generating new attack signatures whose objective is to develop the functioning of our security system to be able to detect and block various types of attacks and intrusions.
暂无评论