A Survey of Intrusion Detection Systems for Cloud Computing
Keywords:
Cloud computing, Firewalls, Intrusion detection system, Intrusion prevention system.Abstract
End customers benefit from scalable, virtualized, on-demand services delivered through the cloud, all while spending less money on infrastructure. Internet-based delivery of such services is made possible by the use of well-established networking protocols as well as formats, which are overseen by a variety of organisations. Deficiencies and flaws in the underlying technology and old protocols may lead to intrusions. Cloud resources as well as services are protected from a variety of threats and assaults by (IDS) that is Intrusion Detection System, which is the most often utilised component of the computer security as well as compliance. Cloud incursions, IDS detection methods, including IDS based over the Cloud Computing are all discussed in this study.
References
[1] B. Zarpelao, "A survey of intrusion detection in internet of things;' Journal of Network and Computer Applications, 2017.
[2] S. Raza, Wallgren , "Svelte: Real-time intrusion detection in the internet of things," Adhocnetworks, vol. 11, no. 8, 2013.
[3] M. Nobakht, "A host-based intrusion detection and mitigation framework for smart home IoT using open flow," in Availability, Reliability and Security, 2016 11thInternational Conference on IEEE, 2016.
[4] M. Slaviero, "BlackHat presentation demo vids: Amazon.
[5] J. Rutkowska, "Subverting VistaTM Kernel for Fun and Profit," Black Hat Conference, 2006.
[6] S. King, P. Chen, and Y-M. Wang, "SubVirt: Implementing malware with virtual machines," 2006 IEEE Symposium on Security and Privacy, 2006, pp.314-327.
[7] S. Bahram, X. Jiang, Z. Wang, and M. Grace, "DKSM: Subverting Virtual Machine Introspection for Fun and Profit," Proceedings of the 29th IEEE International Symposium on Reliable Distributed Systems, 2010.
[8] NIST: National vulnerability database.
[9] D. Goodin, "Webhost Hack Wipes Out Data for 100,000 Sites."
[10] A. Bakshi, and Y. B. Dujodwala, "Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine," Communication Software and Networks, 2010. ICCSN'10. Second International Conference on, pp. 260-264, 2010.
[11] "Home - Snort.Org," https://www.snort.org/.
[12] C. Modi, D. Patel, B. Borisaniya, H. Patel, A. Patel, and M. Rajarajan, "A survey of intrusion detection techniques in Cloud," Journal of Network and Computer Applications, vol. 36, no. 1, pp. 42-57, 2013.
[13] N. A. Premathilaka, A. C. Aponso, and N. Krishnarajah, "Review on state of art intrusion detection systems designed for the cloud computing paradigm," 2013 47th International Carnahan Conference on Security Technology (ICCST), pp. 1 - 6, 2013.
[14] C. Mazzariello, R. Bifulco, and R. Canonico, "Integrating a network IDS into an open source Cloud Computing environment," 2010 Sixth International Conference on Information Assurance and Security, pp. 265 - 270, 2010.
[15] S. Gupta, P. Kumar, and A. Abraham, "A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment," International Journal of Distributed Sensor Networks, vol. 2013, pp. 1-12, 2013. https://doi.org/10.1155/2013/495803
[16] M. Laureano, C. Maziero, and E. Jamhour, "Intrusion Detection in Virtual Machine Environments," Proceedings. 30th Euromicro Conference, 2004., pp. 520 - 525, 2004.
[17] S. Alarifi, and S. Wolthusen, "Anomaly detection for ephemeral cloud IaaS virtual machines," Network and System Security, pp. 321-335, 2013.
[18] A. Patel, Q. Qassim, Z. Shukor, J. Nogueira, J. Júnior, C. Wills, and P. Federal, "Autonomic agent-based self-managed intrusion detection and prevention system," In Proceedings of the South African Information Security Multi-Conference pp. 223-234, 2011.
[19] J.-H. Lee, M.-W. Park, J.-H. Eom, and T.-M. Chung, "Multi-level intrusion detection system and log management in cloud computing," Advanced Communication Technology (ICACT), 2011 13th International Conference pp. 552-555, 2011.
[20] C.-C. Lo, C.-C. Huang, and J. Ku, "A Cooperative Intrusion Detection System Framework for Cloud Computing Networks," 2010 39th International Conference on Parallel Processing Workshops, pp. 280-284, 2010.
[21] J. He, C. Tang, Y. Yang, Y. Qiao, and C. Liu, "3D-IDS: IaaS User-oriented Intrusion Detection System," Information Science and Engineering (ISISE), 2012 International Symposium on, pp. 12-15, 2012.
[22] M. P. K. Shelke, M. S. Sontakke, and A. D. Gawande., "Intrusion detection system for cloud computing," International Journal of Scientific & Technology Research, pp. 67-71, 2012.
[23] X. Zhao, B. Kevin, and P. Atul, "Virtual Machine Security Systems," Advances in Computer Science and Engineering, pp. 339-365, 2009.
[24] T. Garfinkel, and M. Rosenblum, "A Virtual Machine Introspection Based Architecture for Intrusion Detection," In NDSS vol. 3, pp. 191-206, 2003. 35] X. Jiang, X. Wang, and D. Xu, "Stealthy malware detection through vmm-based out-of-the-box semantic view reconstruction," Proceedings of the 14th ACM conference on Computer and communications security - CCS '07, pp. 128-138 2007.
[25] M. Laureano, C. Maziero, and E. Jamhour, "Intrusion Detection in Virtual Machine Environments," Proceedings. 30th Euromicro Conference, 2004., pp. 520 - 525, 2004.
[26] B. D. Payne, M. Carbone, M. Sharif, and W. Lee, "Lares: An Architecture for Secure Active Monitoring Using Virtualization," 2008 IEEE Symposium on Security and Privacy (sp 2008), pp. 233-247, 2008.
[27] T. Garfinkel, and M. Rosenblum, "A Virtual Machine Introspection Based Architecture for Intrusion Detection," In NDSS vol. 3, pp. 191-206, 2003.
[28] X. Jiang, X. Wang, and D. Xu, "Stealthy malware detection through vmm-based out-of-the-box semantic view reconstruction," Proceedings of the 14th ACM conference on Computer and communications security - CCS '07, pp. 128-138 2007.
