2,254 research outputs found

    Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study

    Cloud computing has emerged as a popular paradigm and an attractive model for providing a reliable distributed computing model. It is increasingly attracting huge attention both in academic research and industrial initiatives. Cloud deployments are paramount for institutions and organizations of all scales. The availability of a flexible, free open source cloud platform designed with no proprietary software and the ability of its integration with legacy systems and third-party applications are fundamental. OpenStack is a free and open-source software released under the terms of Apache license with a fragmented and distributed architecture making it highly flexible. This project was initiated and aimed at designing a secured cloud infrastructure called BradStack, which is built on OpenStack in the Computing Laboratory at the University of Bradford. In this report, we present and discuss the steps required in deploying a secured BradStack Multi-node cloud infrastructure and conducting Penetration testing on OpenStack Services to validate the effectiveness of the security controls on the BradStack platform. This report serves as a practical guideline, focusing on security and practical infrastructure related issues. It also serves as a reference for institutions looking at the possibilities of implementing a secured cloud solution. Comment: 38 pages, 19 figures

    Analyzing audit trails in a distributed and hybrid intrusion detection platform

    Efforts have been made over the last decades in order to design and perfect Intrusion Detection Systems (IDS). In addition to the widespread use of Intrusion Prevention Systems (IPS) as perimeter defense devices in systems and networks, various IDS solutions are used together as elements of holistic approaches to cyber security incident detection and prevention, including Network-Intrusion Detection Systems (NIDS) and Host-Intrusion Detection Systems (HIDS). Nevertheless, specific IDS and IPS technology face several effectiveness challenges to respond to the increasing scale and complexity of information systems and sophistication of attacks. The use of isolated IDS components, focused on one-dimensional approaches, strongly limits a common analysis based on evidence correlation. Today, most organizations’ cyber-security operations centers still rely on conventional SIEM (Security Information and Event Management) technology. However, SIEM platforms also have significant drawbacks in dealing with heterogeneous and specialized security event-sources, lacking the support for flexible and uniform multi-level analysis of security audit-trails involving distributed and heterogeneous systems. In this thesis, we propose an auditing solution that leverages on different intrusion detection components and synergistically combines them in a Distributed and Hybrid IDS (DHIDS) platform, taking advantage of their benefits while overcoming the effectiveness drawbacks of each one. In this approach, security events are detected by multiple probes forming a pervasive, heterogeneous and distributed monitoring environment spread over the network, integrating NIDS, HIDS and specialized Honeypot probing systems. Events from those heterogeneous sources are converted to a canonical representation format, and then conveyed through a Publish-Subscribe middleware to a dedicated logging and auditing system, built on top of an elastic and scalable document-oriented storage system. 
The aggregated events can then be queried and matched against suspicious attack signature patterns, by means of a proposed declarative query-language that provides event-correlation semantics.

    Configuring and Implementing IPS Solutions for IoT Devices using NST

    The necessity to ensure that Internet of Things (IoT) networks are secure is one of the biggest issues that has arisen as a result of the growing demand for technology that uses the IoT. Considering how many gadgets are linked to the internet, safeguarding their networks is a growing worry. Due to the IoT network's complexity and resource constraints, traditional intrusion detection systems encounter a number of problems. The main objectives of this project are to design, develop, and evaluate a hybrid level placement method for an IDS based on multi-agent systems, BC technology (Block-Chain), and DL algorithms (Deep Learning). The breakdown of data administration, data collection, analysis, and reaction into its component parts reveals the overall system design. The National Security Laboratory's knowledge discovery and data mining dataset is used to test the system as part of the validation procedure. These results demonstrate how deep learning algorithms are effective at identifying risks at the network and transport levels. The experiment shows that deep learning techniques function well when used to find intrusions in a network environment for the Internet of Things.

    $G_0W_0$ Ionization Potentials of First-Row Transition Metal Aqua Ions

    We report computations of the vertical ionization potentials within the $GW$ approximation of the near-complete series of first-row transition metal (V-Cu) aqua ions in their most common oxidation states, i.e. V$^{3+}$, Cr$^{3+}$, Cr$^{2+}$, Mn$^{2+}$, Fe$^{3+}$, Fe$^{2+}$, Co$^{2+}$, Ni$^{2+}$, and Cu$^{2+}$. The $d$-orbital occupancy of these systems spans a broad range from $d^2$ to $d^9$. All the structures were first optimized at the density functional theory level using a large cluster of explicit water molecules that are embedded in a continuum solvation model. Vertical ionization potentials were computed with the one-shot $G_0W_0$ approach on a range of transition metal ion clusters (6, 18, 40, and 60 explicit water molecules) wherein the convergence with respect to the basis set size was evaluated using the systems with 40 water molecules. We assess the results using three different density functional approximations as starting points for the vertical ionization potential calculations, namely $G_0W_0$@PBE, $G_0W_0$@PBE0, and $G_0W_0$@r$^2$SCAN. While the predicted ground-state structures are similar with all three exchange-correlation functionals, the vertical ionization potentials were in closer agreement with the experiment when using the $G_0W_0$@PBE0 and $G_0W_0$@r$^2$SCAN approaches, with the r2SCAN based calculations being significantly less expensive. Computed bond distances and vertical ionization potentials for all structures were compared with available experimental data and are in good agreement.

    A Comprehensive Survey on the Cyber-Security of Smart Grids: Cyber-Attacks, Detection, Countermeasure Techniques, and Future Directions

    One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks based on the security requirements, confidentiality, integrity, and availability, without taking into consideration the accountability requirement. In addition, some of these surveys focused on the Transmission Control Protocol/Internet Protocol (TCP/IP) model, which does not differentiate between the application, session, and presentation and the data link and physical layers of the Open System Interconnection (OSI) model. In this survey paper, we provide a classification of attacks based on the OSI model and discuss in more detail the cyber-attacks that can target the different layers of smart grid networks communication. We also propose new classifications for the detection and countermeasure techniques and describe existing techniques under each category. Finally, we discuss challenges and future research directions.

    Cloud Computing Security: A Survey

    Today, the world of Internet and Information technology, which is turned into a crucial part of human life, is growing rapidly. In this direction, the needs of societies' members including: information security, fast processing, immediate & dynamic access and the most important one, cost saving have been taken into consideration. Security issues used to be the main challenge of the systems' users constantly. A crucial achievement, by which users' data are accessed broadly & comprehensively, is cloud computing and storage in clouds, but this requires establishing data security in a very reliable environment. Cloud based computing, as a new generation of computing infrastructure, was created to reduce the costs of hardware & software resource management and its success is due to its efficacy, flexibility and its security in comparison to other computing approaches. Supporting security of stored data is one of the difficulties and issues discussed in cloud computing field. Our goal is to understand present challenges and solutions in cloud based environment; furthermore, we investigate present algorithms, in terms of application's speed both in cloud based environment and local networks.