Detection of Masquerade Attacks using Data-Driven Semi-Global Alignment Approach

The broad utilization of virtualization in representing security basis conveys unrivaled security worries for inhabitants or clients and presents an extra layer that itself must be totally arranged and secured. Gatecrashers can abuse the extensive measure of assets for their attacks. This venture talks about two methodologies .In the initial three elements to be specific continuous attacks, autonomic counteractive action activities and hazard measure are incorporated to our Autonomic Intrusion Detection Framework (AIDF) as the majority of the present security advancements don't give the fundamental security components to frameworks, for example, early notices about future progressing attacks, autonomic avoidance activities and hazard measure. Accordingly, the controller can take proactive restorative activities before the attacks represent a genuine security hazard to the framework. In another Attack Sequence Detection (ASD) approach as assignments from various clients might be performed on a similar machine. In this way, one essential security concern is whether client information is secure in. Then again, programmer may encourage processing to dispatch bigger scope of attack. For example, a demand of port output in with numerous virtual machines executing such vindictive activity. In, for instance, avoiding a simple to adventure machine and afterward utilizing the past traded off to attack the objective. Such attack plan might be stealthy or inside the registering condition. So intrusion detection framework or firewall experiences issues to recognize it

Cloud Computing Security, An Intrusion Detection System for Cloud Computing Systems

Cloud computing is widely considered as an attractive service model because it minimizes investment since its costs are in direct relation to usage and demand. However, the distributed nature of cloud computing environments, their massive resource aggregation, wide user access and efficient and automated sharing of resources enable intruders to exploit clouds for their advantage. To combat intruders, several security solutions for cloud environments adopt Intrusion Detection Systems. However, most IDS solutions are not suitable for cloud environments, because of problems such as single point of failure, centralized load, high false positive alarms, insufficient coverage for attacks, and inflexible design. The thesis defines a framework for a cloud based IDS to face the deficiencies of current IDS technology. This framework deals with threats that exploit vulnerabilities to attack the various service models of a cloud system. The framework integrates behaviour based and knowledge based techniques to detect masquerade, host, and network attacks and provides efficient deployments to detect DDoS attacks. This thesis has three main contributions. The first is a Cloud Intrusion Detection Dataset (CIDD) to train and test an IDS. The second is the Data-Driven Semi-Global Alignment, DDSGA, approach and three behavior based strategies to detect masquerades in cloud systems. The third and final contribution is signature based detection. We introduce two deployments, a distributed and a centralized one to detect host, network, and DDoS attacks. Furthermore, we discuss the integration and correlation of alerts from any component to build a summarized attack report. The thesis describes in details and experimentally evaluates the proposed IDS and alternative deployments. Acknowledgment: =============== • This PH.D. is achieved through an international joint program with a collaboration between University of Pisa in Italy (Department of Computer Science, Galileo Galilei PH.D. School) and University of Arizona in USA (College of Electrical and Computer Engineering). • The PHD topic is categorized in both Computer Engineering and Information Engineering topics. • The thesis author is also known as "Hisham A. Kholidy"