
An Adaptive Distributed Intrusion Detection System for Cloud Computing Framework

  • Conference paper
Recent Trends in Computer Networks and Distributed Systems Security (SNDS 2012)

Abstract

Cloud computing is the recent buzzword in computing, with enormous potential to revolutionize the IT industry. The cloud has opened up new computing scenarios with many significant benefits; however, these have also become new avenues for attacks and exploits. This paper proposes a unique Distributed Intrusion Detection System (DIDS) based on a novel combination of two distinct trends in intrusion detection: the behavior-based and the knowledge-based detection mechanisms. The behavior-based approach facilitates improved detection in the dynamic cloud environment, and the knowledge-based approach supports the detection scheme with its definitive rule base. The functionality of both approaches has been improved by the addition of an adaptive approach, which significantly helps in lowering false positives. Another novel and striking advantage of the proposed detection scheme is its alert clustering and analysis facility, which helps all cooperating nodes detect false alarms from any malicious nodes. DoS attacks on one node can be sent as alerts to help other cooperating nodes update themselves about new attack patterns, leading to early detection and prevention of attacks. Collectively, this scheme helps make the underlying cloud infrastructure more immune to attacks so that it can continue to provide services to users.




Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Krishnan, D., Chatterjee, M. (2012). An Adaptive Distributed Intrusion Detection System for Cloud Computing Framework. In: Thampi, S.M., Zomaya, A.Y., Strufe, T., Alcaraz Calero, J.M., Thomas, T. (eds) Recent Trends in Computer Networks and Distributed Systems Security. SNDS 2012. Communications in Computer and Information Science, vol 335. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-34135-9_45


  • DOI: https://doi.org/10.1007/978-3-642-34135-9_45

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-34134-2

  • Online ISBN: 978-3-642-34135-9

  • eBook Packages: Computer Science, Computer Science (R0)
