
HIDS: A host based intrusion detection system for cloud computing environment

  • Original Article
  • International Journal of System Assurance Engineering and Management

Abstract

The paper reports a host-based intrusion detection model for the Cloud computing environment, along with its implementation and analysis. The model alerts the Cloud user to malicious activities within the system by analyzing system call traces. The method analyses only selected system call traces, namely the failed system call traces, rather than all of them. This feature makes early detection of intrusions possible with a reduced computational burden. The reported model provides security as a service (SecaaS) in the infrastructure layer of the Cloud environment. The implementation results show 96 % average intrusion detection sensitivity.
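The selection step the abstract describes, keeping only failed system calls, is sketched below as an added example; it is not code from the paper, whose classifier is not given on this page. It assumes strace-style text as input, uses a constructed sample trace, and the function names (`parse_trace`, `failed_calls`, `summarize`) are hypothetical.

```python
import re
from collections import Counter

# Assumed input format (strace-style): "<pid> <syscall>(<args>) = <ret> [ERRNO (message)]"
LINE_RE = re.compile(
    r"^(?P<pid>\d+)\s+(?P<name>\w+)\(.*\)\s+=\s+(?P<ret>-?\d+|\?)"
    r"(?:\s+(?P<errno>E[A-Z0-9]+))?"
)

# Constructed sample trace (not data from the paper).
SAMPLE_TRACE = """\
4121 openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
4121 read(3, "\\177ELF"..., 832) = 832
4121 close(3) = 0
4121 openat(AT_FDCWD, "/etc/shadow", O_RDONLY) = -1 EACCES (Permission denied)
4121 openat(AT_FDCWD, "/root/.ssh/id_rsa", O_RDONLY) = -1 EACCES (Permission denied)
4121 setuid(0) = -1 EPERM (Operation not permitted)
4121 stat("/tmp/.x", 0x7ffd3c1e2a10) = -1 ENOENT (No such file or directory)
4121 write(1, "done\\n", 5) = 5
4121 exit_group(0) = ?
"""

def parse_trace(text):
    """Yield (pid, syscall, return value or None, errno or None) per parsable line."""
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ret = None if m["ret"] == "?" else int(m["ret"])
            yield int(m["pid"]), m["name"], ret, m["errno"]

def failed_calls(events):
    """Keep only the calls that returned -1 with an errno name attached."""
    return [e for e in events if e[2] == -1 and e[3] is not None]

def summarize(text):
    """Count all calls, the failed subset, and a (syscall, errno) frequency profile."""
    events = list(parse_trace(text))
    failed = failed_calls(events)
    profile = Counter((name, errno) for _, name, _, errno in failed)
    kept = len(failed) / len(events) if events else 0.0
    return {"total": len(events), "failed": len(failed),
            "kept_fraction": kept, "profile": profile}

if __name__ == "__main__":
    result = summarize(SAMPLE_TRACE)
    print(f"{result['failed']} of {result['total']} calls kept for analysis")
    for (name, errno), count in result["profile"].most_common():
        print(f"  {name:8s} {errno:8s} {count}")
```
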



Author information

Correspondence to Prachi Deshpande.

About this article

Cite this article

Deshpande, P., Sharma, S.C., Peddoju, S.K. et al. HIDS: A host based intrusion detection system for cloud computing environment. Int J Syst Assur Eng Manag 9, 567–576 (2018). https://doi.org/10.1007/s13198-014-0277-7

  • DOI: https://doi.org/10.1007/s13198-014-0277-7
