Abstract
Cloud computing is an emerging paradigm with virtual machine as its enabling technology. As with any other Internet-based technology, security underpins widespread success of Cloud computing. However, Cloud computing introduces new challenges with respect to security mainly due to the unique characteristics inherited via virtual machine technology. In this chapter, we focus on the challenges imposed on intrusion diagnosis for Clouds due to these characteristics. In particular, we identify the importance of intrusion diagnosis problem for Clouds and the novel challenges for intrusion diagnosis for Clouds. Also, we propose a solution to address these challenges and demonstrate the effectiveness of the proposed solution with empirical evaluation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Amazon Elastic Computing Cloud Available at: http://www.aws.amazon.com/ec2
Google Cloud. Available at: www.googlecloud.com
GoGrid: Scalable Load-Balanced Windows and Linux Cloud-Server Hosting. Available at: http://www.gogrid.com/
Nimbus. Available at: www.workspace.globus.org
OpenNebula Project. http://www.opennebula.org
Burchard, L., M. Hovestadt, O. Kao, A. Keller, and B. Linnert: The Virtual Resource Manager: An Architecture for SLA-aware Resource Management, in the IEEE International Symposium on Cluster Computing and the Grid. 2004. p. 126–133.
Tal Garfinkel, Mendel Rosenblum: When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. In the Proceedings of 10th Workshop on Hot Topics in Operating Systems, 2005 – http://www.usenix.org
Junaid Arshad, Integrated Intrusion Detection and Diagnosis for Clouds. In the proceedings of Dependable Systems and Networks (DSN), Student Forum 2009.
John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A. N. Soules, Gregory R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical report CMU-CS-02-140. May 2002.
Junaid Arshad, Paul Townend, Quantification of Security for Compute Intensive workloads in Clouds. Submitted to International Conference on Parallel and Distributed Systems (ICPADS) 2009.
Stephen Northcutt and Judy Novak; Network Intrusion Detection: An Analyst’s Handbook, 3 rd edition New Riders Publishing Thousand Oaks, CA, USA ISBN:0735712654
Peter Mell and Karen Scarfone A Complete Guide to the Common Vulnerability Scoring System Version 2.0 http://www.first.org/cvss/cvss-guide.html
IBM Systems, Virtualization version 2, release 1 available at: publib.boulder.ibm.com/infocenter/eserver/v1r2/topic/eicay/eicay.pdf
Algirdas Avi zienis, Jean-Claude Laprie, Brian Randell and Carl Landwehr: Basic Concepts and Taxonomy of Dependable and Secure Computing, IEEE Transaction on Dependable And Secure Computing, Vol. 1, No. 1, January-March 2004.
Rick Kazman, Mark Klein, Mario Barbacci, Tom Longstaff, Howard Lipson and Jeromy Carriere The Architecture Tradeoff Analysis Method Technical Report, CMU/SEI-98-TR-008 ESC-TR-98-008 available at http://www.pst.ifi.lmu.de/lehre/WS0102/architektur/VL9/ATAM.pdf
Wei Jie, Junaid Arshad, Richard Sinnott and Paul Townend; Towards Shibboleth based Security for Grids – A State-of-art Review on Grid Authentication and Authorization Technology. Accepted for ACM Computing Surveys. Association for Computing Machinery 2009.
J. MacQueen. Some methods for classification and analysis of multivariate observations, volume 1 of Proceedings of the Fifth Berkeley Symposium on Mathematical statistics and probability, pages 281–297, Berkeley, 1967. University of California Press.
Quinlan, J. R. C4.5: Programs for Machine Learning. Morgan Kaufmann Publishers, 1993
Massimo Bernaschi, Emnuele Gabrieli, Luigi V. Mancini; Remus: a security-enhanced operating system in the proceedings of ACM Transactions on Information and System Security 2002.
The MathWorks – MATLAB and Simulink for Technical Computing. http://www.mathworks.com
Information on See5/C5.0 www.rulequest.com/see5-info.html
Severity Levels: http://www.internetbankingaudits.com/severity_levels.htm
Jinpeng Huai, Qin Li, Chunming Hu; CIVIC: A Hypervisor based Computing Environment in the Proceedings of the 2007 International Conference on Parallel Processing Workshops.
Paul Barham_, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauery, Ian Pratt, Andrew Warfield; Xen and the Art of Virtualization in the Proceedings of SOSP’03, October 19.22, 2003.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag London Limited
About this chapter
Cite this chapter
Arshad, J., Townend, P., Xu, J. (2011). An Intrusion Diagnosis Perspective on Cloud Computing. In: Yang, X., Wang, L., Jie, W. (eds) Guide to e-Science. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-0-85729-439-5_11
Download citation
DOI: https://doi.org/10.1007/978-0-85729-439-5_11
Published:
Publisher Name: Springer, London
Print ISBN: 978-0-85729-438-8
Online ISBN: 978-0-85729-439-5
eBook Packages: Computer ScienceComputer Science (R0)