A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment
Cloud computing provides network based access to computing and data storage services on a pay per usage model. Cloud provides better utilization of resources and hence a reduced service access cost to individuals. Cloud services include software as a service, platform as a service, and infrastructur...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2013-03-01
|
| Series: | International Journal of Distributed Sensor Networks |
| Online Access: | https://doi.org/10.1155/2013/364575 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832547275451138048 |
|---|---|
| author | Sanchika Gupta Padam Kumar Ajith Abraham |
| author_facet | Sanchika Gupta Padam Kumar Ajith Abraham |
| author_sort | Sanchika Gupta |
| collection | DOAJ |
| description | Cloud computing provides network based access to computing and data storage services on a pay per usage model. Cloud provides better utilization of resources and hence a reduced service access cost to individuals. Cloud services include software as a service, platform as a service, and infrastructure as a service. Cloud computing virtually and dynamically distributes the computing and data resources to a variety of users, based on their needs, with the use of virtualization technologies. As Cloud computing is a shared facility and is accessed remotely, it is vulnerable to various attacks including host and network based attacks (Brown 2012, and Grance 2009) and hence requires immediate attention. This paper identifies vulnerabilities responsible for well-known network based attacks on cloud and does a critical analysis on the security measures available in cloud environment. This paper focuses on a nonconventional technique for securing cloud network from malicious insiders and outsiders with the use of network profiling. With network profiling, a profile is created for each virtual machine (VM) in cloud that describes network behavior of each cloud user (an assigned VM). The behavior gathered is then used for determination (detection) of network attacks on cloud. The novelty of the approach lies in the early detection of network attacks with robustness and minimum complexity. The proposed technique can be deployed with minimal changes to existing cloud environment. An initial prototype implementation is verified and tested on private cloud with a fully functional implementation under progress. |
| format | Article |
| id | doaj-art-2963d3d5aedd402d97fb694dfdbdba5d |
| institution | Kabale University |
| issn | 1550-1477 |
| language | English |
| publishDate | 2013-03-01 |
| publisher | Wiley |
| record_format | Article |
| series | International Journal of Distributed Sensor Networks |
| spelling | doaj-art-2963d3d5aedd402d97fb694dfdbdba5d2025-02-03T06:45:23ZengWileyInternational Journal of Distributed Sensor Networks1550-14772013-03-01910.1155/2013/364575A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud EnvironmentSanchika Gupta0Padam Kumar1Ajith Abraham2 Department of Electronics and Computer Engineering, Indian Institute of Technology Roorkee, Roorkee, Uttarakhand 247667, India Department of Electronics and Computer Engineering, Indian Institute of Technology Roorkee, Roorkee, Uttarakhand 247667, India IT4Innovations-Center of Excellence, VSB-Technical University of Ostrava, Ostrava-Poruba 70833, Czech RepublicCloud computing provides network based access to computing and data storage services on a pay per usage model. Cloud provides better utilization of resources and hence a reduced service access cost to individuals. Cloud services include software as a service, platform as a service, and infrastructure as a service. Cloud computing virtually and dynamically distributes the computing and data resources to a variety of users, based on their needs, with the use of virtualization technologies. As Cloud computing is a shared facility and is accessed remotely, it is vulnerable to various attacks including host and network based attacks (Brown 2012, and Grance 2009) and hence requires immediate attention. This paper identifies vulnerabilities responsible for well-known network based attacks on cloud and does a critical analysis on the security measures available in cloud environment. This paper focuses on a nonconventional technique for securing cloud network from malicious insiders and outsiders with the use of network profiling. With network profiling, a profile is created for each virtual machine (VM) in cloud that describes network behavior of each cloud user (an assigned VM). The behavior gathered is then used for determination (detection) of network attacks on cloud. The novelty of the approach lies in the early detection of network attacks with robustness and minimum complexity. The proposed technique can be deployed with minimal changes to existing cloud environment. An initial prototype implementation is verified and tested on private cloud with a fully functional implementation under progress.https://doi.org/10.1155/2013/364575 |
| spellingShingle | Sanchika Gupta Padam Kumar Ajith Abraham A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment International Journal of Distributed Sensor Networks |
| title | A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment |
| title_full | A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment |
| title_fullStr | A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment |
| title_full_unstemmed | A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment |
| title_short | A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment |
| title_sort | profile based network intrusion detection and prevention system for securing cloud environment |
| url | https://doi.org/10.1155/2013/364575 |
| work_keys_str_mv | AT sanchikagupta aprofilebasednetworkintrusiondetectionandpreventionsystemforsecuringcloudenvironment AT padamkumar aprofilebasednetworkintrusiondetectionandpreventionsystemforsecuringcloudenvironment AT ajithabraham aprofilebasednetworkintrusiondetectionandpreventionsystemforsecuringcloudenvironment AT sanchikagupta profilebasednetworkintrusiondetectionandpreventionsystemforsecuringcloudenvironment AT padamkumar profilebasednetworkintrusiondetectionandpreventionsystemforsecuringcloudenvironment AT ajithabraham profilebasednetworkintrusiondetectionandpreventionsystemforsecuringcloudenvironment |