A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment. (27th March 2013)
- Record Type:
- Journal Article
- Title:
- A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment. (27th March 2013)
- Main Title:
- A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment
- Authors:
- Gupta, Sanchika
Kumar, Padam
Abraham, Ajith - Other Names:
- Manvi Sunilkumar S. Academic Editor.
- Abstract:
- Abstract : Cloud computing provides network based access to computing and data storage services on a pay per usage model. Cloud provides better utilization of resources and hence a reduced service access cost to individuals. Cloud services include software as a service, platform as a service, and infrastructure as a service. Cloud computing virtually and dynamically distributes the computing and data resources to a variety of users, based on their needs, with the use of virtualization technologies. As Cloud computing is a shared facility and is accessed remotely, it is vulnerable to various attacks including host and network based attacks (Brown 2012, and Grance 2009) and hence requires immediate attention. This paper identifies vulnerabilities responsible for well-known network based attacks on cloud and does a critical analysis on the security measures available in cloud environment. This paper focuses on a nonconventional technique for securing cloud network from malicious insiders and outsiders with the use of network profiling. With network profiling, a profile is created for each virtual machine (VM) in cloud that describes network behavior of each cloud user (an assigned VM). The behavior gathered is then used for determination (detection) of network attacks on cloud. The novelty of the approach lies in the early detection of network attacks with robustness and minimum complexity. The proposed technique can be deployed with minimal changes to existing cloudAbstract : Cloud computing provides network based access to computing and data storage services on a pay per usage model. Cloud provides better utilization of resources and hence a reduced service access cost to individuals. Cloud services include software as a service, platform as a service, and infrastructure as a service. Cloud computing virtually and dynamically distributes the computing and data resources to a variety of users, based on their needs, with the use of virtualization technologies. As Cloud computing is a shared facility and is accessed remotely, it is vulnerable to various attacks including host and network based attacks (Brown 2012, and Grance 2009) and hence requires immediate attention. This paper identifies vulnerabilities responsible for well-known network based attacks on cloud and does a critical analysis on the security measures available in cloud environment. This paper focuses on a nonconventional technique for securing cloud network from malicious insiders and outsiders with the use of network profiling. With network profiling, a profile is created for each virtual machine (VM) in cloud that describes network behavior of each cloud user (an assigned VM). The behavior gathered is then used for determination (detection) of network attacks on cloud. The novelty of the approach lies in the early detection of network attacks with robustness and minimum complexity. The proposed technique can be deployed with minimal changes to existing cloud environment. An initial prototype implementation is verified and tested on private cloud with a fully functional implementation under progress. … (more)
- Is Part Of:
- International journal of distributed sensor networks. (2013)
- Journal:
- International journal of distributed sensor networks
- Issue:
- (2013)
- Issue Display:
- Volume 2013, Issue 2013 (2013)
- Year:
- 2013
- Volume:
- 2013
- Issue:
- 2013
- Issue Sort Value:
- 2013-2013-2013-0000
- Page Start:
- Page End:
- Publication Date:
- 2013-03-27
- Subjects:
- Sensor networks -- Periodicals
Intelligent agents (Computer software) -- Periodicals
Multisensor data fusion -- Periodicals
681.2 - Journal URLs:
- http://www.informaworld.com/smpp/title~content=t714578688~db=all ↗
http://www.metapress.com/openurl.asp?genre=journal&issn=1550-1329 ↗
http://dsn.sagepub.com/ ↗
http://www.tandfonline.com/ ↗ - DOI:
- 10.1155/2013/364575 ↗
- Languages:
- English
- ISSNs:
- 1550-1329
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4542.186400
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 16884.xml