Abstract
A variety of convenient services have been provided by cloud computing to end users. So providing safe and reliable service assurance is quiet important. Many Network-based intrusion detection systems (NIDS) are used to obtain the packets from the cloud. It has lower detection rate, higher false-positive rate and is unable to resist the single point attack of failure. In this paper, multiple intrusion detection systems (IDSs) are deployed in each layer of cloud infrastructure for protecting each Virtual Machine (VM) against threats. We also propose the cloud alliance concept by the communication agents exchanging the mutual alerts to resist the single point attack of failure. The simulation results indicate that the proposed system have a higher detection rate, lower false-positive rate and can resist the single point attack of failure.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Laureano, M., Maziero, C., Jamhour, E.: Protecting Host-based Intrusion Detectors through Virtual Machines. Computer Networks 51, 1275–1283 (2007)
Kandukuri, B.R., Paturi, V., Rakshit, A.: Cloud Security Issues. In: 38th IEEE International Conference on Services Computing, Bangalore, India, pp. 517–520 (2009)
Wei, L., Xiang, L., Derek, P., Bin, L.: Collaborative Distributed Intrusion Detection System. In: Second International Conference on Future Generation Communication and Networking, pp. 172–177 (2008)
Debar, H., Curry, D., Feinstein, B.: The Intrusion Detection Message Exchange Format, Internet Draft Technical Report, IETF Exchange Format Working Group (July 2004)
Laureano, M., Maziero, C., Jamhour, E.: Intrusion detection in virtual machine environments. In: EUROMICRO Conference, Brazil, pp. 520–525 (2004)
F-Secure Linux Security, http://www.f-secure.com
Moore, D., Shannon, C., Brown, D.J., et al.: Inferring Internet Denial-of-Service Activity. In: ACM Transactions on Computer Systems (TOCS), Berkeley, pp. 115–139 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, H., Zhou, H. (2011). The Research of Intrusion Detection System in Cloud Computing Environment. In: Jin, D., Lin, S. (eds) Advances in Multimedia, Software Engineering and Computing Vol.1. Advances in Intelligent and Soft Computing, vol 128. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25989-0_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-25989-0_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25988-3
Online ISBN: 978-3-642-25989-0
eBook Packages: EngineeringEngineering (R0)