Abstract
Now a days, many enterprise applications are using cloud platform. Security is the most sensitive issue in cloud platform. Intrusion detection System is used to protect the Virtual machine from threats. This paper proposes Application level Signature based Semantic Intrusion Detection System, which concentrates on the application level to detect application specific attacks. A packet sniffer is placed between cloud user and Virtual cloud provider. The packets of various protocols are captured by packet sniffer and dispatch it to its corresponding parser. The parser translates a sequence of packets into protocol messages and dispatches the packet to the corresponding state machine which consists of message parsing grammar. The message parsing grammar analyses the messages and checks with the semantic rules. If any signature does not matches with the rule-base and found to be malicious. The IDS interpreter generates alert to the cloud provider. The Signature based semantic Intrusion Detection System reduces the false alarm rate. So, the accuracy of the detection rate gets increased.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Modi, C., Patel, D., Borisaniya, B., Patel, H., Patel, A., Rajarajan, M.: A survey of intrusion detection techniques in cloud. J. Netw. Comput. Appl. 36, 42–57 (2013)
Reddy, V.K., Rao, B.T., Reddy, L.S.S., Kiran, P.S.: Research issues in cloud computing. Glob. J. Comput. Sci. Technol. 11(11), 1–8 (2011)
Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34, 1–11 (2011)
Qaisar, S., Khawaja, K.F.: Cloud computing: network/security threats and countermeasures. Interdisc. J. Contemp. Res. Bus. 3(9), 1323–1329 (2012)
Oktay, U., Sahingoz, O.K.: Attack types and intrusion detection systems in cloud computing. In: Proceedings of the 6th International Information Security and Cryptology Conference, Sept 2013
Scarfone, K., Mell, P.: Guide to intrusion detection and prevention systems (IDPS). NIST special publication, vol. 800, p. 94 (2007)
Mazzariello, C., Bifulco, R., Canonoco, R.: Integrating a network IDS into an open source cloud computing. In: Proceedings of the 6th International Conference on Information Assurance and Security (IAS), pp. 265–70 (2010)
Roschke, S., Feng, C., Meinel, C.: An extensible and virtualization compatible IDS management architecture. In: Proceedings of the 5th International Conference on Information Assurance and Security, pp. 130–140 (2009)
Abbes, T., Bouhoula, A., Rusinowitch, M.: Protocol analysis in intrusion detection using decision tree. In: Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC’04) IEEE (2004)
Sangeetha S., Vaidehi V.: Fuzzy aided application layer semantic intrusion detection system-FASIDS. In: Proceedings of International Journal of Network Security and its Application (IJNSA April 2010), vol. 2, pp. 39–56 (2010)
Bellamy Jr, W.: TCP Port 80—HyperText transfer protocol (HTTP) header exploitation. Cgisecurity.com (2002)
Hallaraker, O., Vigna, G.: Detecting malicious javaScript code in mozilla. In: Proceedings of the 10th International Conference on Engineering of Complex Computer Systems (ICECCS 2005), pp. 85–94 (2005)
Krugel, C., Toth, T.: Using decision trees to improve signature-based intrusion detection. In: Proceedings of the 6th International Workshop on the Recent Advances in Intrusion Detection (RAID’2003), LNCS, vol. 2820, pp. 173–191 (2003)
Vieira, K., Schuler, A., westphall, C.: Intrusion detection techniques in grid and cloud computing environment. In: Proceedings of the IEEE IT Professional Magazine (2010)
Bakshi, A.,yogesh, B.: Securing cloud from DDoS attacks using intrusion detection system in virtual machine. In: Proceedings of the 2nd International Conference on Communication Software and Networks, pp. 260–264. (2010)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer India
About this paper
Cite this paper
Sangeetha, S., Gayathri devi, B., Ramya, R., Dharani, M.K., Sathya, P. (2015). Signature Based Semantic Intrusion Detection System on Cloud. In: Mandal, J., Satapathy, S., Kumar Sanyal, M., Sarkar, P., Mukhopadhyay, A. (eds) Information Systems Design and Intelligent Applications. Advances in Intelligent Systems and Computing, vol 339. Springer, New Delhi. https://doi.org/10.1007/978-81-322-2250-7_66
Download citation
DOI: https://doi.org/10.1007/978-81-322-2250-7_66
Published:
Publisher Name: Springer, New Delhi
Print ISBN: 978-81-322-2249-1
Online ISBN: 978-81-322-2250-7
eBook Packages: EngineeringEngineering (R0)