Skip to main content
SpringerLink
Log in

Taxonomy and Proposed Architecture of Intrusion Detection and Prevention Systems for Cloud Computing

  • Conference paper
Cyberspace Safety and Security (CSS 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7672))

Included in the following conference series:

Abstract

The distributed and open structure of cloud computing and services becomes an attractive target for potential cyber-attacks by intruders. The traditional Intrusion Detection and Prevention Systems (IDPS) are deemed largely inefficient to be deployed in cloud computing environments due to their openness, dynamicity and virtualization in offered services. This paper surveys and explores the possible solutions to detect and prevent intrusions in cloud computing systems by providing a comprehensive taxonomy of existing IDPS. It discusses the key features of IDPS that are challenging and crucial for choosing the right security measures for designing an IDPS. The paper further reviews the current state of the art of developed IDPSs for cloud computing which uses advanced techniques in overcoming the challenges imposed by cloud computing requirements for more resilient, effective and efficient IDPSs, abbreviated as CIPDS.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Cloud-Security-Alliance, Top Threats to Cloud Computing V1.0 (2010), https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf

  2. Galante, J., Kharif, O., Alpeyev, P.: Sony Network Breach Shows Amazon Cloud’s Appeal for Hackers (2011), http://www.bloomberg.com/news/2011-05-15/sony-attack-shows-amazon-s-cloud-service-lures-hackers-at-pennies-an-hour.html

  3. Shabtai, A., Fledel, Y., Kanonov, U., Elovici, Y., Dolev, S., Glezer, C.: Google android: A comprehensive security assessment. IEEE Security & Privacy 8, 35–44 (2010)

    Article  Google Scholar 

  4. Bringas, P.G., Penya, Y.K.: Next-Generation Misuse and Anomaly Prevention System. In: Filipe, J., Cordeiro, J. (eds.) ICEIS 2008. LNBIP, vol. 19, pp. 117–129. Springer, Heidelberg (2009)

    Google Scholar 

  5. Elshoush, H.T., Osman, I.M.: Alert correlation in collaborative intelligent intrusion detection systems—A survey. Applied Soft Computing 11, 4349–4365 (2011)

    Article  Google Scholar 

  6. Klüft, S.: Alarm management for intrusion detection systems - Prioritizing and presenting alarms from intrusion detection systems. MSc Thesis, University of Gothenburg (2012), http://hdl.handle.net/2077/28856

  7. Lippmann, R., Webster, S., Stetson, D.: The Effect of Identifying Vulnerabilities and Patching Software on the Utility of Network Intrusion Detection. In: Wespi, A., Vigna, G., Deri, L. (eds.) RAID 2002. LNCS, vol. 2516, pp. 307–326. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  8. Maggi, F., Matteucci, M., Zanero, S.: Reducing false positives in anomaly detectors through fuzzy alert aggregation. Information Fusion 10, 300–311 (2009)

    Article  Google Scholar 

  9. Leitner, M., Leitner, P., Zach, M., Collins, S., Fahy, C.: Fault management based on peer-to-peer paradigms; a case study report from the celtic project madeira. In: 10th IFIP/IEEE International Symposium on Integrated Network Management, pp. 697–700 (2007)

    Google Scholar 

  10. Zhou, C.V., Leckie, C., Karunasekera, S.: A survey of coordinated attacks and collaborative intrusion detection. Computers & Amp; Security 29, 124–140 (2010)

    Article  Google Scholar 

  11. Arshad, J., Townend, P., Xu, J.: A novel intrusion severity analysis approach for Clouds. Future Generation Computer Systems (2011), http://dx.doi.org/10.1016/j.future.2011.08.009

  12. Grobauer, B., Walloschek, T., Stocker, E.: Understanding cloud computing vulnerabilities. IEEE Security & Privacy 9, 50–57 (2011)

    Article  Google Scholar 

  13. Viega, J.: Cloud computing and the common man. Computer 42, 106–108 (2009)

    Article  Google Scholar 

  14. Dastjerdi, A.V., Bakar, K.A., Tabatabaei, S.G.H.: Distributed intrusion detection in clouds using mobile agents. In: Third International Conference on Advanced Engineering Computing and Applications in Sciences, Sliema, pp. 175–180 (2009)

    Google Scholar 

  15. Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: 17th International Workshop on Quality of Service (IWQoS 2009), Charleston, SC, pp. 1–9 (2009)

    Google Scholar 

  16. Foster, I., Zhao, Y., Raicu, I., Lu, S.: Cloud computing and grid computing 360-degree compared. In: Grid Computing Environments Workshop, GCE 2008, Austin, TX, pp. 1–10 (2008)

    Google Scholar 

  17. Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications 34, 1–11 (2011)

    Article  Google Scholar 

  18. Tupakula, U., Varadharajan, V., Akku, N.: Intrusion Detection Techniques for Infrastructure as a Service Cloud. In: IEEE International Conference on Dependable, Autonomic and Secure Computing, pp. 744–751 (2011)

    Google Scholar 

  19. Gustavo, N., Miguel, C.: Anomaly-based intrusion detection in software as a service. In: Dependable Systems and Networks Workshops, pp. 19–24 (2011)

    Google Scholar 

  20. Vieira, K., Schulter, A., Westphall, C.: Intrusion Detection for Grid and Cloud Computing. IT Professional 12, 38–43 (2010)

    Article  Google Scholar 

  21. Xin, W., Ting-lei, H., Xiao-yu, L.: Research on the Intrusion detection mechanism based on cloud computing. In: 2010 International Conference on Intelligent Computing and Integrated Systems (ICISS), Guilin, pp. 125–128 (2010)

    Google Scholar 

  22. Dhage, S., Meshram, B., Rawat, R., Padawe, S., Paingaokar, M., Misra, A.: Intrusion detection system in cloud computing environment. In: International Conference & Workshop on Emerging Trends in Technology, New York, NY, USA, pp. 235–239 (2011)

    Google Scholar 

  23. Kholidy, H.A., Baiardi, F.: CIDS: A Framework for Intrusion Detection in Cloud Systems. In: Ninth International Conference on Information Technology: New Generations (ITNG), Las Vegas, NV, pp. 379–385 (2012)

    Google Scholar 

  24. Patel, A., Qassim, Q., Shukor, Z., Nogueira, J., Júnior, J., Wills, C.: Autonomic Agent-Based Self-Managed Intrusion Detection and Prevention System. In: South African Information Security Multi-Conference (SAISMC 2010), Port Elizabeth, South Africa, pp. 223–224 (2009)

    Google Scholar 

  25. Smith, D., Guan, Q., Fu, S.: An Anomaly Detection Framework for Autonomic Management of Compute Cloud Systems. In: 34th Annual Computer Software and Applications Conference Workshops (COMPSACW), Seoul, pp. 376–381 (2010)

    Google Scholar 

  26. Martínez, C.A., Echeverri, G.I., Sanz, A.G.C.: Malware detection based on cloud computing integrating intrusion ontology representation. In: IEEE Latin-American Conference on Communications (LATINCOM), Bogota, pp. 1–6 (2010)

    Google Scholar 

  27. Azmandian, F., Moffie, M., Alshawabkeh, M., Dy, J., Aslam, J., Kaeli, D.: Virtual machine monitor-based lightweight intrusion detection. SIGOPS Oper. Syst. Rev. 45, 38–53 (2011)

    Article  Google Scholar 

  28. Lee, J.H., Park, M.W., Eom, J.H., Chung, T.M.: Multi-level Intrusion Detection System and log management in Cloud Computing. In: 13th International Conference on Advanced Communication Technology (ICACT), Seoul, pp. 552–555 (2011)

    Google Scholar 

  29. Takahashi, T., Kadobayashi, Y., Fujiwara, H.: Ontological approach toward cybersecurity in cloud computing. In: 3rd International Conference on Security of Information and Networks, Taganrog, Rostov-on-Don, Russian Federation (2010)

    Google Scholar 

  30. Jin, H., Xiang, G., Zou, D., Wu, S., Zhao, F., Li, M., Zheng, W.: A VMM-based intrusion prevention system in cloud computing environment. The Journal of Supercomputing, 1–19 (2011)

    Google Scholar 

  31. Masud, M.M., Al-Khateeb, T.M., Hamlen, K.W., Gao, J., Khan, L., Han, J., Thuraisingham, B.: Cloud-based malware detection for evolving data streams. ACM Trans. Manage. Inf. Syst. 2, 1–27 (2008)

    Article  Google Scholar 

  32. Zargar, S.T., Takabi, H., Joshi, J.B.D.: Dcdidp: A Distributed, Collaborative, and Data-Driven Intrusion Detection and Prevention Framework for Cloud Computing Environments. In: International Conference on Collaborative Computing: Networking, Applications and Worksharing CollaborateCom, Orlando, Florida, USA (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science, Faculty of Information Science and Technology, Universiti Kebangsaan Malaysia, 43600 UKM, Bangi, Selangor D.E., Malaysia

    Ahmed Patel, Mona Taghavi & Kaveh Bakhtiyari

  2. School of Computing and Information Systems, Faculty of Science, Engineering and Computing, Kingston University, Kingston upon Thames, KT1 2EE, United Kingdom

    Ahmed Patel

  3. Vieira Computer Networks and Security Laboratory (LARCES), State University of Ceará (UECE), Fortaleza, Ceará, Brasil

    Joaquim Celestino Júnior

Authors
  1. Ahmed Patel
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mona Taghavi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kaveh Bakhtiyari
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Joaquim Celestino Júnior
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Technology, Deakin University, 221 Burwood Highway, 3125, Burwood, VIC, Australia

    Yang Xiang  & Wanlei Zhou  & 

  2. Computer Science Department, ETSI Informatica, University of Malaga, Campus de Teatinos, 29170, Malaga, Spain

    Javier Lopez

  3. Ming Hsieh Department of Electrical Engineering, University of Southern California, 3740 McClintock Ave., 90089-2564, Los Angeles, CA, USA

    C.-C. Jay Kuo

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Patel, A., Taghavi, M., Bakhtiyari, K., Júnior, J.C. (2012). Taxonomy and Proposed Architecture of Intrusion Detection and Prevention Systems for Cloud Computing. In: Xiang, Y., Lopez, J., Kuo, CC.J., Zhou, W. (eds) Cyberspace Safety and Security. CSS 2012. Lecture Notes in Computer Science, vol 7672. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35362-8_33

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35362-8_33

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35361-1

  • Online ISBN: 978-3-642-35362-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation