Research Article

An Improved Hybrid Intrusion Detection System in Cloud Computing

by Ajeet Kumar Gautam, Vidushi Sharma, Shiva Prakash
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 53 - Number 6
Year of Publication: 2012
Authors: Ajeet Kumar Gautam, Vidushi Sharma, Shiva Prakash
10.5120/8422-2173

Ajeet Kumar Gautam, Vidushi Sharma, Shiva Prakash. An Improved Hybrid Intrusion Detection System in Cloud Computing. International Journal of Computer Applications. 53, 6 (September 2012), 1-13. DOI=10.5120/8422-2173

@article{ 10.5120/8422-2173,
author = { Ajeet Kumar Gautam, Vidushi Sharma, Shiva Prakash },
title = { An Improved Hybrid Intrusion Detection System in Cloud Computing },
journal = { International Journal of Computer Applications },
issue_date = { September 2012 },
volume = { 53 },
number = { 6 },
month = { September },
year = { 2012 },
issn = { 0975-8887 },
pages = { 1-13 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume53/number6/8422-2173/ },
doi = { 10.5120/8422-2173 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T20:53:30.521594+05:30
%A Ajeet Kumar Gautam
%A Vidushi Sharma
%A Shiva Prakash
%T An Improved Hybrid Intrusion Detection System in Cloud Computing
%J International Journal of Computer Applications
%@ 0975-8887
%V 53
%N 6
%P 1-13
%D 2012
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Today, security is a major concern in cloud computing. Intrusion Detection and Prevention Systems are one measure for mitigating attacks. Researchers have proposed different IDSs from time to time; some of these combine features of two or more IDSs and are called Hybrid Intrusion Detection Systems. Most researchers combine the features of the signature-based detection methodology and the anomaly-based detection methodology. With a signature-based IDS, if an attacker attacks slowly and in an organized way, the attack may pass through the IDS undetected, because signatures include factors based on the duration of events and the attacker's actions do not match them. Sometimes no signature has yet been added for an unknown attack, or an attacker strikes while the database is being updated. Thus, signature-based IDSs fail to detect unknown attacks. Anomaly-based IDSs suffer from many false-positive readings. There is therefore a need to hybridize IDSs that can overcome each other's shortcomings. In this paper we propose a new approach to IDS (Intrusion Detection System) that is more efficient than the traditional IDS. The IDS is based on Honeypot technology and the anomaly-based detection methodology. We designed an architecture for the IDS in Packet Tracer and then implemented it in real time. We discuss the experimental results: both the Honeypot and the anomaly-based IDS have some shortcomings, but when the two technologies are hybridized, the newly proposed HIDS is capable of overcoming these shortcomings with much enhanced performance. In this paper, we present a modified Hybrid Intrusion Detection System (HIDS) that combines the positive features of two different detection methodologies: the Honeypot methodology and the anomaly-based intrusion detection methodology. In the experiment we run the two Intrusion Detection Systems individually first and then together, recording the data from time to time. From the data we can conclude that the resulting IDS is much better at detecting intrusions than the existing IDSs.

Index Terms

Computer Science
Information Sciences

Keywords

Intrusion Detection and Prevention System (IDPS)
Hybrid Intrusion Detection System
KFSensor
FlowMatrix
Packet Tracer