Resilient intrusion detection system for cloud containers. (8th November 2019)
- Record Type:
- Journal Article
- Title:
- Resilient intrusion detection system for cloud containers. (8th November 2019)
- Main Title:
- Resilient intrusion detection system for cloud containers
- Authors:
- Abed, Amr S.
Azab, Mohamed
Clancy, Charles
Kashkoush, Mona S.
- Abstract:
- The lightweight virtualisation and isolated execution offered by Linux containers qualify them to be the dominant virtualisation platform for cloud-based applications. The fact that Linux containers run on the same host while sharing the same kernel opens the door for new attacks. However, limited research has been conducted in the area of securing cloud containers. This paper presents a resilient intrusion detection and resolution system for cloud-based containers. The system relies on two main pillars, a real-time smart behaviour monitoring mechanism to detect maliciously behaving containers, and a moving-target defence approach that applies runtime container migration to quarantine such containers and to minimise attack dispersion. To avoid zero-day targeted attacks, the system also induces random live migrations between running containers to obfuscate its execution behaviour. Such obfuscation makes it harder for attackers to execute their targeted attacks. The system was tested by a big-data application using a container-based Apache Hadoop cluster to demonstrate the system's ability to automatically deploy, monitor, detect, and respond to maliciously behaving applications by live migration or by rolling back the container to a safe state. Results showed that the proposed system efficiently ensures safe and secure container operation.
- Is Part Of:
- International journal of communication networks and distributed systems. Volume 24:Number 1(2020)
- Journal:
- International journal of communication networks and distributed systems
- Issue:
- Volume 24:Number 1(2020)
- Issue Display:
- Volume 24, Issue 1 (2020)
- Year:
- 2020
- Volume:
- 24
- Issue:
- 1
- Issue Sort Value:
- 2020-0024-0001-0000
- Page Start:
- 1
- Page End:
- 22
- Publication Date:
- 2019-11-08
- Subjects:
- cloud security -- intrusion detection -- behaviour modelling -- resilience -- Linux container -- moving-target defence -- MTD
Computer networks -- Periodicals
Telecommunication systems -- Periodicals
Electronic data processing -- Distributed processing -- Periodicals
004.6
- Journal URLs:
- http://www.inderscience.com/jhome.php?jcode=ijcnds
http://www.inderscience.com/
- Languages:
- English
- ISSNs:
- 1754-3916
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 12371.xml