nach oben

The Journal of Supercomputing

Erschienen in:

01.09.2018

Multi-tenant intrusion detection system for public cloud (MTIDS)

verfasst von: Mohamed Hawedi, Chamseddine Talhi, Hanifa Boucheneb

Erschienen in: The Journal of Supercomputing | Ausgabe 10/2018

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Cloud computing is an innovative paradigm technology that is known for its versatility. It provides many creative services as requested, and it is both cost efficient and reliable. More specifically, cloud computing provides an opportunity for tenants to reduce cost and raise effectiveness by offering an alternative method of service utilization. Although these services are easily provided to tenants on demand with minor infrastructure investment, they are significantly exposed to intrusion attempts since the services are offered under the administration of diverse supervision over the Internet. Moreover, the security mechanisms offered by cloud providers do not take into consideration the variation of tenants’ needs as they provide the same security mechanism for all tenants. So, meeting tenants’ security requirements are still a major challenge for cloud providers. In this paper, we concentrate on the security service offered to cloud tenants and service providers and their infrastructure to restrain intruders. We intend to provide a flexible, on-demand, scalable, and pay-as-you-go multi-tenant intrusion detection system as a service that targets the security of the public cloud. Further, it is designed to deliver appropriate and optimized security taking into consideration the tenants’ needs in terms of security service requirements and budget.

Vorheriger Artikel Confidential smart-sensing framework in the IoT era

Nächster Artikel A low cost wearable wireless sensing system for paretic hand management after stroke

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

“A function is a process or a relation that associates each element x of a set X, the domain of the function, to a single element y of another set Y (possibly the same set), the codomain of the function” [39].

”The power set (or powerset) of any set S is the set of all subsets of S, including the empty set and S itself of the set R” [40].

Mell P, Grance T (2011) The NIST definition of cloud computing. Computer Security Division, Information Technology Laboratory, National Institute of Standards and Technology Gaithersburg, GaithersburgCrossRef

Amazon web services (aws) https://aws.amazon.com. Accessed 1 Jan 2017

Microsoft azure: Cloud computing platform & services. https://azure.microsoft.com. Accessed 19 Mar 2017

Rackspac. https://www.rackspace.com. Accessed 16 Apr 2017

Aruba cloud. https://www.arubacloud.com. Accessed 19 Apr 2017

Almorsy M, Grundy J, Müller I (2016) An analysis of the cloud computing security problem. arXiv preprint arXiv:1609.01107

Demchenko Y, Turkmen F, Slawik M, de Laat C (2017) Defining Intercloud Security Framework and Architecture Components for Multi-Cloud Data Intensive Applications. In: Cluster, cloud and grid computing (CCGRID), 2017 17th IEEE/ACM International Symposium on. IEEE, pp 945–952

Shawish A, Salama M (2014) Cloud computing: paradigms and technologies. In: Inter-cooperative collective intelligence: techniques and applications, Springer, pp 39–67

Patel A, Taghavi M, Bakhtiyari K, JúNior JC (2013) An intrusion detection and prevention system in cloud computing: a systematic review. J Netw Comput Appl 36(1):25–41CrossRef

10.

Adil M, Ijaz I (2015) IDS in cloud computing to secure virtual environment. Int J Enhanced Res Sci Technol Eng 4(3):199–207CrossRef

11.

Tan Z, Nagar UT, He X, Nanda P, Liu RP, Wang S, Hu J (2014) Enhancing big data security with collaborative intrusion detection. IEEE Cloud Comput 1(3):27–33CrossRef

12.

Oasis topology and orchestration specification for cloud applications (TOSCA) TC. https://www.oasis-open.org/committees/tosca/faq.php. Accessed 2 Mar 2017

13.

Modi CN, Acha K (2017) Virtualization layer security challenges and intrusion detection/prevention systems in cloud computing: a comprehensive review. J Supercomput 73(3):1192–1234CrossRef

14.

Zhang Q, Cheng L, Boutaba R (2010) Cloud computing: state-of-the-art and research challenges. J Internet Serv Appl 1(1):7–18CrossRef

15.

Osanaiye O, Choo KKR, Dlodlo M (2016) Distributed denial of service (DDoS) resilience in cloud: review and conceptual cloud DDoS mitigation framework. J Netw Comput Appl 67:147–165CrossRef

16.

Park H, Lee EJ, Park DH, Eun, JS, Kim SH (2016) PaaS offering for the big data analysis of each individual APC. In: Information and communication technology convergence (ICTC), 2016 International Conference on. IEEE, pp 30–32

17.

Rosado DG (2012) Security engineering for cloud computing: approaches and tools: approaches and tools. IGI Global

18.

The customer success platform to grow your business. https://www.salesforce.com. Accessed 19 Mar 2017

19.

Scarfone K, Mell P (2007) Guide to intrusion detection and prevention systems (idps). NIST Spec Publ 800(2007):94

20.

Oktay U, Sahingoz OK (2013) Proxy network intrusion detection system for cloud computing. In: Technological advances in electrical, electronics and computer engineering (TAEECE), 2013 International Conference on. IEEE, pp 98–104

21.

Keegan N, Ji SY, Chaudhary A, Concolato C, Yu B, Jeong DH (2016) A survey of cloud-based network intrusion detection analysis. Hum Centric Comput Inf Sci 6(1):19CrossRef

22.

Zarrabi A, Zarrabi A (2012) Internet intrusion detection system service in a cloud. Citeseer

23.

Varadharajan V, Tupakula U (2014) Security as a service model for cloud environment. IEEE Trans Netw Serv Manag 11(1):60–75CrossRef

24.

Alharkan T, Martin P (2012) Idsaas: Intrusion detection system as a service in public clouds. In: Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012). IEEE Computer Society, pp 686–687

25.

Gul I, Hussain M (2011) Distributed cloud intrusion detection model. Int J Adv Sci Technol 34(38):135

26.

Gupta S, Kumar P (2017) Profile and back off based distributed NIDS in cloud. Wirel Pers Commun 94(4):2879CrossRef

27.

Wang Z, Zhu Y (2017) A centralized HIDS framework for private cloud. In: Software engineering, artificial intelligence, networking and parallel/distributed computing (SNPD), 2017 18th IEEE/ACIS International Conference on. IEEE, pp 115–120

28.

Modi C, Patel D (2018) A feasible approach to intrusion detection in virtual network layer of cloud computing. Sādhanā 43(7):114CrossRef

29.

Alruwaili FF, Gulliver A (2014) CCIPS: A cooperative intrusion detection and prevention framework for cloud services. Int J Latest Trends Comput 4(4):151–158

30.

Ficco M, Tasquier L, Aversa R (2013) Intrusion detection in cloud computing. In: P2P, parallel, grid, cloud and internet computing (3PGCIC), 2013 Eighth International Conference on. IEEE, pp 276–283

31.

Zargar ST, Takabi H, Joshi JB (2011) DCDIDP: A distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments. In: Collaborative computing: networking, applications and worksharing (CollaborateCom), 2011 7th International Conference on. IEEE, pp 332–341

32.

Lo CC, Huang CC, Ku J (2010) A cooperative intrusion detection system framework for cloud computing networks. In: Parallel processing workshops (ICPPW), 2010 39th International Conference on. IEEE, pp 280–284

33.

Service name and transport protocol port number registry. Inter Asterisk Exchange (IAX) Parameters. https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml

34.

Snort. Official snort ruleset covering the most emerging threats. https://www.snort.org/products. Online; Accessed 1 May 2017

35.

Breiman L (2001) Random forests. Mach Learn 45(1):5–32CrossRef

36.

Kevric J, Jukic S, Subasi A (2017) An effective combining classifier approach using tree algorithms for network intrusion detection. Neural Comput Appl 28(1):1051–1058CrossRef

37.

Man ND, Huh EN (2012) A collaborative intrusion detection system framework for cloud computing. In Proceedings of the International Conference on IT Convergence and Security 2011. Springer, pp 91–109

38.

Yan Y, Xu B, Gu Z (2008) Automatic service composition using and/or graph. In: E-commerce technology and the fifth IEEE conference on enterprise computing, e-commerce and e-services, 2008 10th IEEE Conference on. IEEE, pp 335–338

39.

Function mathematics. https://en.wikipedia.org/wiki/Function_mathematics. Accessed 30 Mar 2018

40.

Power set. https://en.wikipedia.org/wiki/Power_set. Accessed 30 Jan 2018

41.

Amazon virtual private cloud (vpc). https://aws.amazon.com/vpc. Accessed 1 May 2016

42.

Snort. Snort-network intrusion detection and prevention system. https://www.snort.org/. Online; Accessed 1 May 2015

43.

Microsoft sql server. https://www.microsoft.com. Accessed 1 Jan 2017

44.

iperf-the ultimate speed test tool for tcp, udp and sctp. https://iperf.fr/iperf-download.php/. Accessed 2 Oct 2016

45.

Chapade S, Pandey K, Bhade D (2013) Securing cloud servers against flooding based DDoS attacks. In: Communication systems and network technologies (CSNT), 2013 International Conference on. IEEE, pp 524–528

Titel: Multi-tenant intrusion detection system for public cloud (MTIDS)
verfasst von: Mohamed Hawedi
Chamseddine Talhi
Hanifa Boucheneb
Publikationsdatum: 01.09.2018
Verlag: Springer US
Erschienen in: The Journal of Supercomputing / Ausgabe 10/2018
Print ISSN: 0920-8542
Elektronische ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-018-2572-6

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 10/2018

A machine learning approach for feature selection traffic classification using security analysis

Infrequent pattern mining in smart healthcare environment using data summarization

Modeling SmallClient indexing framework for big data analytics

An optimization framework for the capacity allocation and admission control of MapReduce jobs in cloud systems

Towards ontology-based multilingual URL filtering: a big data problem

Forensic investigation to detect forgeries in ASF files of contemporary IP cameras