17,027 research outputs found

    Cooperative Trust Framework for Cloud Computing Based on Mobile Agents

    Get PDF
    Cloud computing opens doors to the multiple, unlimited venues from elastic computing to on demand provisioning to dynamic storage, reduce the potential costs through optimized and efficient computing. To provide secure and reliable services in cloud computing environment is an important issue. One of the security issues is how to reduce the impact of for any type of intrusion in this environment. To counter these kinds of attacks, a framework of cooperative Hybrid intrusion detection system (Hy-IDS) and Mobile Agents is proposed. This framework allows protection against the intrusion attacks. Our Hybrid IDS is based on two types of IDS, the first for the detection of attacks at the level of virtual machines (VMs), the second for the network attack detection and Mobile Agents. Then, this framework unfolds in three phases: the first, detection intrusion in a virtual environment using mobile agents for collected malicious data. The second, generating new signatures from malicious data, which were collected in the first phase. The third, dynamic deployment of updates between clusters in a cloud computing, using the newest signatures previously created. By this type of close-loop control, the collaborative network security management system can identify and address new distributed attacks more quickly and effectively. In this paper, we develop a collaborative approach based on Hy-IDS and Mobile Agents in Cloud Environment, to define a dynamic context which enables the detection of new attacks, with much detail as possible

    Cloud denial of service detection by dendritic cell mechanism

    Get PDF
    The term cloud computing is not new anymore in computing technology. This form of computing technology previously considered only as marketing term, but today cloud computing not only provides innovative improvements in resource utilization but it also creates a new opportunities in data protection mechanisms where the advancement of intrusion detection technologies are blooming rapidly. From the perspective of security, cloud computing also introduces concerns about data protection and intrusion detection mechanism especially cloud computing are exposed to Denial of Service (DoS) attacks. This paper aims to provide DoS detection mechanism for cloud computing environment. As a result, we provide an experiment to examine the capability of the proposed system. The result shows that the proposed system was able to detect DoS attacks that conducted during the experiment with 94.4% detection rate. We conclude the paper with a discussion on the results, then we include together with a graphical summary of the experiment's result

    Proposed Network Intrusion Detection System Based on Fuzzy c Mean Algorithm in Cloud Computing Environment

    Get PDF
    في الوقت الحاضر الحوسبة السحابية اصبحت جزء مكمل في صناعة تكنولجيا المعلومات، الحوسبة السحابية توفر بيئة عمل تسمح للمستخدم بمشاركة البيانات والموارد عبر الانترنت .حيث الحوسبة السحابية عبارة عن تجمع افتراضي من الموارد عبر الانترنت،هذا يؤدي الى مسائل اخرى تتعلق بالامن والخصوصية في بيئة الحوسبة السحابية .لذلك من المهم جدا خلق نظام كشف تطفل لكشف المتسللين في خارج وداخل بيئة الحوسبة السحابية بدقة عالية ومعدل  انذار كاذب منخفضة .هذا العمل يقترح نظام كشف تطفل قائم على خوارزمية العنقدة المضببة . اجريت التجارب على بيانات KDD99. العمل المقترح يمتاز بمعدل كشف تطفل عالي مع نسبة انذار كاذب منخفضة .Nowadays cloud computing had become is an integral part of IT industry, cloud computing provides Working environment allow a user of environmental to share data and resources over the internet. Where cloud computing its virtual grouping of resources offered over the internet, this lead to different matters related to the security and privacy in cloud computing. And therefore, create intrusion detection very important to detect outsider and insider intruders of cloud computing with high detection rate and low false positive alarm in the cloud environment. This work proposed network intrusion detection module using fuzzy c mean algorithm. The kdd99 dataset used for experiments .the proposed system characterized by a high detection rate with low false positive alarm

    Study on intrusion data detection algorithm for user data visa cloud computing

    Get PDF
    Abstract: Cloud computing is a new computing model, it will be large-scale computing resource interconnection were effectively integrated, and the computing resources available to users in the form of services. The user can at any time according to need to access a virtual computer and storage system using a broadband network, without the need to test the underlying anxiety complex implementation and management, greatly reduce the difficulty of realization and hardware investment users. Cloud computing effectively the actual resources and virtual service separation reduce all kinds of business service costs, improve the utilization of network resources. The main work of this paper includes: first introduced the current cloud environment security threat, attack and common intrusion detection te chnology, summarizes the advantages and disadvantages of the proposed at the present stage of intrusion detection system under the cloud environment. Then the research on the analysis of the fuzzy C mean clustering algorithm for intrusion detection exist deficie ncies in cloud environment, the improvement and optimization of its, and the improved algorithm for parallel implementation of map reduce, to solve the clustering problem of the magnanimity data

    DCDIDP: A Distributed, Collaborative, and Data-driven IDP Framework for the Cloud

    Get PDF
    Recent advances in distributed computing, grid computing, virtualization mechanisms, and utility computing led into Cloud Computing as one of the industry buzz words of our decade. As the popularity of the services provided in the cloud environment grows exponentially, the exploitation of possible vulnerabilities grows with the same pace. Intrusion Detection and Prevention Systems (IDPSs) are one of the most popular tools among the front line fundamental tools to defend the computation and communication infrastructures from the intruders. In this poster, we propose a distributed, collaborative, and data-driven IDP (DCDIDP) framework for cloud computing environments. Both cloud providers and cloud customers will benefit significantly from DCDIDP that dynamically evolves and gradually mobilizes the resources in the cloud as suspicion about attacks increases. Such system will provide homogeneous IDPS for all the cloud providers that collaborate distributively. It will respond to the attacks, by collaborating with other peers and in a distributed manner, as near as possible to attack sources and at different levels of operations (e.g. network, host, VM). We present the DCDIDP framework and explain its components. However, further explanation is part of our ongoing work

    New Anomaly Network Intrusion Detection System in Cloud Environment Based on Optimized Back Propagation Neural Network Using Improved Genetic Algorithm

    Get PDF
    Cloud computing is distributed architecture, providing computing facilities and storage resource as a service over an open environment (Internet), this lead to different matters related to the security and privacy in cloud computing. Thus, defending network accessible Cloud resources and services from various threats and attacks is of great concern. To address this issue, it is essential to create an efficient and effective Network Intrusion System (NIDS) to detect both outsider and insider intruders with high detection precision in the cloud environment. NIDS has become popular as an important component of the network security infrastructure, which detects malicious activities by monitoring network traffic. In this work, we propose to optimize a very popular soft computing tool widely used for intrusion detection namely, Back Propagation Neural Network (BPNN) using an Improved Genetic Algorithm (IGA). Genetic Algorithm (GA) is improved through optimization strategies, namely Parallel Processing and Fitness Value Hashing, which reduce execution time, convergence time and save processing power. Since,  Learning rate and Momentum term are among the most relevant parameters that impact the performance of BPNN classifier, we have employed IGA to find the optimal or near-optimal values of these two parameters which ensure high detection rate, high accuracy and low false alarm rate. The CloudSim simulator 4.0 and DARPA’s KDD cup datasets 1999 are used for simulation. From the detailed performance analysis, it is clear that the proposed system called “ANIDS BPNN-IGA” (Anomaly NIDS based on BPNN and IGA) outperforms several state-of-art methods and it is more suitable for network anomaly detection

    Proposed Network Intrusion Detection System ‎In Cloud Environment Based on Back ‎Propagation Neural Network

    Get PDF
    الحوسبة السحابية  هي هيكيلة موزعة توفر قدرات حسابية, موارد تحزين كخدمة عبر الانترنت للأيفاء بمتطلبات المستخدم بسعر منخفض .بسبب طبيعة الحوسبة السحابية المفتوحة والخدمة المقدمة المتسللين ينتحلون المستخدمين المخولين وبعد ذلك يسيئون استخدام موارد وخدمات الحوسبة السحابية . لكشف المتسللين والانشطة المشبوة في بيئة الحوسبة السحابية ،نظام كشف التطفل يستخدم لكشف المستخدمين الغير مخولين والانشطة المشبوهة بواسطة فحص نشاطات المستخدم على الشبكة .في هذا البحث استخدمت خوارزمية الشبكات العصبية الاصطناعية (BP) لبناء نظام كشف تطفل في بيئة السحابية  .النظام المقترح اختبر باستخدام بيانات KDD99 . اظهرت النتائج ان النظام المقترح يشكل طريقة واعدة تتميز بدقة عالية مع نسبة انذار كاذبة منخفضةCloud computing is distributed architecture, providing computing facilities and storage resource as a service over the internet. This low-cost service fulfills the basic requirements of users. Because of the open nature and services introduced by cloud computing intruders impersonate legitimate users and misuse cloud resource and services. To detect intruders and suspicious activities in and around the cloud computing environment, intrusion detection system used to discover the illegitimate users and suspicious action by monitors different user activities on the network .this work proposed based back propagation artificial neural network to construct t network intrusion detection in the cloud environment. The proposed module evaluated with kdd99 dataset the experimental results shows promising approach to detect attack with high detection rate and low false alarm rat

    CloudIDS: Cloud Intrusion Detection Model Inspired by Dendritic Cell Mechanism

    Get PDF
    Cloud Computing Security is a new era of computer technology and opens a new research area and creates a lot of opportunity of exploration. One of the new implementation in Cloud is Intrusion Detection System (IDS).There are problems with existing IDS approach in Cloud environment. Implementing traditional IDS need a lot of self-maintenance and did not scale with the customer security requirements. In addition, maintenance of traditional IDS in Cloud Computing system requires expertise and consumes more time where not each Cloud user has. A decentralized traditional IDS approach where being deployed in current Cloud Computing infrastructure will make the IDS management become complicated. Each user's IDS will not be the same in term of type and configurations and each user may have outdated signatures. Inter VM's communication also become a big concern when we implementing Cloud Computing system where communication between Clouds are not monitored and controlled by the traditional IDS. A specific IDS model for Cloud computing is required to solve these problems. In this paper, we develop a prototype of Cloud IDS inspired by Dendritic Cell mechanism. Experiment result proved that Cloud IDS was able to detect any attempt to attack the Cloud environment. The experiments show that the Cloud IDS model based on Dendritic Cell algorithm able to identify and detect novel threat that targeting Cloud environment
    corecore