eCloudIDS Tier-1 uX-Engine Subsystem Design and Implementation Using Self-Organizing Map (SOM) for Secure Cloud Computing Environment

  • Conference paper
Recent Trends in Computer Networks and Distributed Systems Security (SNDS 2012)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 335)

Abstract

Cloud computing is becoming more influential as a technical-cum-business model in the present scenario of enterprise business computing. It attracts customers with its glossy catchphrase ‘pay-as-you-use’. Even knowing all its benefits, many organizations, ranging from medium to large businesses, fear migrating to this computing paradigm because of the security issues associated with it. The reason is that today’s business computing world runs solely on users and their data, which require sophisticated mechanisms to protect them against theft and misuse. Moreover, due to the public and multi-tenant nature of the cloud, the security threats and the velocity of consequences are higher in the cloud than in on-premises computing. eCloudIDS, a next-generation security system designed with innovative hybrid two-tier expert engines, namely uX-Engine (tier-1) and sX-Engine (tier-2), is considered a most suitable security solution for cloud computing environments, specifically the public cloud. This paper deals with the design and implementation of the Tier-1 uX-Engine Subsystem of our proposed eCloudIDS architecture using an unsupervised machine learning technique, the Self-Organizing Map (SOM). The experiment was conducted on a setup of 6 machines with Ubuntu 10.04 LTS 64-bit Desktop edition as the native operating system, CloudStack 3.0.0 as the IaaS platform, XenServer 6.0 as the virtualization host, and statically allocated IP addresses on all systems. This paper walks through the phases and footprints involved in implementing the proposed eCloudIDS Tier-1 uX-Engine subsystem architecture using SOM. Further, our implemented system shows a detection performance rate of 89% with minimal false alarm rates, which is substantial for an unsupervised machine learning implementation.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Srinivasan, M.K., Sarukesi, K., Keshava, A., Revathy, P. (2012). eCloudIDS Tier-1 uX-Engine Subsystem Design and Implementation Using Self-Organizing Map (SOM) for Secure Cloud Computing Environment. In: Thampi, S.M., Zomaya, A.Y., Strufe, T., Alcaraz Calero, J.M., Thomas, T. (eds) Recent Trends in Computer Networks and Distributed Systems Security. SNDS 2012. Communications in Computer and Information Science, vol 335. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34135-9_42

  • DOI: https://doi.org/10.1007/978-3-642-34135-9_42

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34134-2

  • Online ISBN: 978-3-642-34135-9

  • eBook Packages: Computer Science, Computer Science (R0)
