A survey of intrusion detection techniques in Cloud

Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud and discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks

Enhancing Firewall Filtering Performance Using Neural Networks

The internet has grown to a point where people all over the world have become dependent on this convenient communication medium. However, with this dependency, malicious traffic has become a major concern. Consequently, firewalls have become a mandatory part of any network, due to their ability to filter the traffic based on rules that state which packets should be accepted or denied. However, a network administrator must manually configure filter rules, and packets that do not fit any rule may be subject to wrong judgement by the firewall. Neural networks can learn the filter rules in order to decide if packets that do not fit any specific rules should be accepted or denied. The neural network will be trained with existing packet data and their firewall actions, and then tested to determine the amount of correctly classified packets compared to the firewall

DDoS: DeepDefence and Machine Learning for identifying attacks

Distributed Denial of Service (DDoS) attacks are very common type of computer attack in the world of internet today. Automatically detecting such type of DDoS attack packets & dropping them before passing through the network is the best prevention method. Conventional solution only monitors and provide the feedforward solution instead of the feedback machine-based learning. A Design of Deep neural network has been suggested in this work and developments have been made on proactive detection of attacks. In this approach, high level features are extracted for representation and inference of the dataset. Experiment has been conducted based on the ISCX dataset published in year 2017,2018 and CICDDoS2019 and program has been developed in Matlab R17b, utilizing Wireshark for features extraction from the datasets. Network Intrusion attacks on critical oil and gas industrial installation become common nowadays, which in turn bring down the giant industrial sites to standstill and suffer financial impacts. This has made the production companies to started investing millions of dollars revenue to protect their critical infrastructure with such attacks with the active and passive solutions available. Our thesis constitutes a contribution to such domain, focusing mainly on security of industrial network, impersonation and attacking with DDoS

Analysis of intrusion prevention methods

Thesis (Master)--Izmir Institute of Technology, Computer Engineering, Izmir, 2004Includes bibliographical references (leaves: 105-108)Text in English; Abstract: Turkish and Englishviii, 108 leavesToday, the pace of the technological development and improvements has compelled the development of new and more complex applications. The obligatory of application development in a short time to rapidly changing requirements causes skipping of some stages, mostly the testing stage, in the software development cycle thus, leads to the production of applications with defects. These defects are, later, discovered by intruders to be used to penetrate into computer systems. Current security technologies, such as firewalls, intrusion detection systems, honeypots, network-based antivirus systems, are insufficient to protect systems against those, continuously increasing and rapid-spreading attacks. Intrusion Prevention System (IPS) is a new technology developed to block today.s application-specific, data-driven attacks that spread in the speed of communication. IPS is the evolved and integrated state of the existing technologies; it is not a new approach to network security. In this thesis, IPS products of various computer security appliance developer companies have been analyzed in details. At the end of these analyses, the requirements of network-based IPSs have been identified and an architecture that fits those requirements has been proposed. Also, a sample network-based IPS has been developed by modifying the open source application Snort