cl-CIDPS: A Cloud Computing Based Cooperative Intrusion Detection and Prevention System Framework

  • Conference paper
Future Network Systems and Security (FNSS 2015)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 523)

Abstract

Cloud computing is one of today’s most promising technologies due to its cost-efficiency, flexibility and scalability for computing processes. However, the complex architecture of cloud infrastructure and the different levels of users lead to special requirements, especially in the area of security. The cloud provider is responsible for providing secure, reliable and trustworthy services to its consumers. The network intrusion detection and prevention system (IDPS) is a pioneering active security-defensive mechanism that is ideal for use in cloud computing. Collaborative or cooperative IDS has been a hot topic for the last few years. However, previous techniques have limitations indicating that they are not sufficient to cover all security threats in clouds. The main objective of this work is to propose a cloud-based cooperative intrusion detection and prevention system (cl-CIDPS). The system makes several contributions to the area of IDPS in clouds by proposing an integrated design that considers detection, prevention and logging capabilities, applying both signature and anomaly detection mechanisms. cl-CIDPS was evaluated using a powerful network security simulator tool (NeSSi2) that is capable of testing detection units and communication schemas. NeSSi2 was extended for a cloud-based IDPS, providing a valuable simulation background that future research can use to evaluate similar proposed techniques for cloud computing infrastructure.

Author information

Corresponding author

Correspondence to Qassim Nasir.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Al-Mousa, Z., Nasir, Q. (2015). cl-CIDPS: A Cloud Computing Based Cooperative Intrusion Detection and Prevention System Framework. In: Doss, R., Piramuthu, S., ZHOU, W. (eds) Future Network Systems and Security. FNSS 2015. Communications in Computer and Information Science, vol 523. Springer, Cham. https://doi.org/10.1007/978-3-319-19210-9_13

  • DOI: https://doi.org/10.1007/978-3-319-19210-9_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19209-3

  • Online ISBN: 978-3-319-19210-9

  • eBook Packages: Computer Science (R0)
