Abstract
Nowadays, the foremost optimal choice of every IT organization is cloud computing. Cloud computing technology is very flexible and scalable in nature. The prime concern in cloud computing is its security and privacy, because intruders are trying to breach it. The main reason for breaching is its open and distributed architecture. For detection of various attacks on cloud, the most common mechanism used is Intrusion Detection System (IDS). We have presented a comparative analysis of some existing cloud based intrusion detection systems and different methods of deploying the IDS are used for overcoming the security challenges. In spite of the fact that there are various existing literatures in this area of study, we endeavor to give more intricate picture of a thorough analysis. This paper shares an overview of different intrusions in cloud. The metrics, which are used for comparative analysis, are of various types like positioning, detection time, detection techniques, data source and attacks. The comparative analysis also shows the limitations of each technique that tells whether the cloud-computing environment is secure or not.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Modi, C., Patel, D., Borisaniya, B., Patel, H.: A survey of intrusion detection techniques in cloud. J. Netw. Comput. Appl. 36, 42–57 (2013)
Almorsy, M., Grundy, J., Ibrahim, A.S.: Adaptable, model-driven security engineering for SaaS cloud-based applications. Automated Software Engineering 21(2), 187–224 (2014)
Du, Y., Zhang, R., Li, M.: Research on a security mechanism for cloud computing based on virtualization. Telecommun. Syst. 53, 19–24 (2013)
Edurado, F.B., Monge, R., Hashizume, K.: Building a security reference architecture for cloud systems. Requir. Eng. 21, 1–25 (2015)
He, J., Dong, M., Ota, K., Fan, M., Wang, G.: NetSecCC: a scalable and fault tolerant architecture for cloud computing security. Peer-to-Peer Netw. Appl. 9, 1–15 (2014)
Hu, P., Sung, C.W., Ho, S., Chan, T.H.: Optimal coding and allocation for perfect secrecy in multiple clouds. Inf. Forensics Secur. 11, 388–399 (2014)
Lee, J., Cho, J., Seo, J., Shon, T., Won, D.: A novel approach to analyzing for detecting malicious network activity using a cloud computing testbed. Mob. Netw. Appl. 18, 122–128 (2012)
Li, J., Li, Y.K., Chen, X., Lee, P.P.C., Lou, W.: A hybrid cloud approach for secure authorized deduplication. IEEE Trans. Parallel Distrib. Syst. 26, 1206–1216 (2014)
Rahat, M., Shibli, M.A., Niazi, M.A.: Cloud identity management security issues and solutions: a taxonomy. Complex Adapt. Syst. Model. 2, 1–37 (2014)
Rho, S., Chang, H., Kim, S., Lee, Y.S.: An efficient peer-to-peer distributed scheduling for cloud and grid computing. Peer-to-Peer Netw. Appl. 8, 863–871 (2014)
Li, Q., Han, Q., Sun, L.: Collaborative recognition of queuing behavior on mobile phones. Mob. Comput. 15, 60–73 (2014)
Tak, G.K., Badge, N., Manwatkar, P., Rangnathan, A., Tapaswi, S.: Asynchronous anti phishing image captcha approach towards phishing. In: International Conference on Future Computer and Communication, vol. 3, pp. 694–698. IEEE (2010)
Malhotra, K., Gardner, S., Patz, R.: Implementation of elliptic-curve cryptography on mobile healthcare devices. IEEE (2007)
Jia, X., et al.: Efficient revocable id-based signature with cloud revocation server. IEEE Access 5, 2945–2954 (2017)
Arjunan, K., Modi, C.N.: An enhanced intrusion detection framework for securing network layer of cloud computing. In: Asia Security and Privacy (ISEASP), 2017 ISEA. IEEE (2017)
Hamdi, O., Mbaye, M., Krief, F.: A cloud-based architecture for network attack signature learning. In: 2015 7th International Conference on New Technologies, Mobility and Security (NTMS). IEEE (2015)
Huang, S.-Y., Huang, Y., Suri, N.: Event pattern discovery on IDS traces of cloud services. In: 2014 IEEE Fourth International Conference on Big Data and Cloud Computing (BdCloud). IEEE (2014)
Mehmood, Y., et al.: Intrusion detection system in cloud computing: challenges and opportunities. In: 2013 2nd National Conference on Information Assurance (NCIA). IEEE (2013)
Kumawat, S., Sharma, A.K., Kumawat, A.: Intrusion detection and prevention system using K-learning classification in cloud. In: 2016 3rd International Conference on Computing for Sustainable Global Development (INDIACom). IEEE (2016)
Alarifi, S.S., Wolthusen, S.D.: Detecting anomalies in IaaS environments through virtual machine host system call analysis. In: 2012 International Conference for Internet Technology and Secured Transactions. IEEE (2012)
Fellin, C., Haney, M.: Preventing the mistraining of anomaly-based IDSs through ensemble systems. In: 2014 IEEE World Congress on Services (SERVICES). IEEE (2014)
Pan, Z., Pacheco, J., Hariri, S.: Anomaly behavior analysis for building automation systems. In: 2016 IEEE/ACS 13th International Conference of Computer Systems and Applications (AICCSA). IEEE (2016)
Gupta, D., Gupta, S.: An efficient approach of trigger mechanism through IDS in cloud computing. In: 2017 4th IEEE Uttar Pradesh Section International Conference on Electrical, Computer and Electronics (UPCON). IEEE (2017)
Li, Z., Sun, W., Wang, L.: A neural network based distributed intrusion detection system on cloud platform. In: 2012 IEEE 2nd International Conference on Cloud Computing and Intelligent Systems (CCIS), vol. 1. IEEE (2012)
Alqahtani, S.M., John, R.: A comparative analysis of different classification techniques for cloud intrusion detection systems’ alerts and fuzzy classifiers. In: 2017 Computing Conference. IEEE (2017)
Alqahtani, S.M., John, R.: A comparative study of different fuzzy classifiers for cloud intrusion detection systems’ alerts. In: 2016 IEEE Symposium Series on Computational Intelligence (SSCI). IEEE (2016)
Sule, M.-J., et al.: Fuzzy logic approach to modelling trust in cloud computing. IET Cyber-Phys. Syst. Theory Appl. 2(2), 84–89 (2017)
Kumar, R., Lal, S.P., Sharma, A.: Detecting denial of service attacks in the cloud. In: 2016 IEEE 14th International Conference on Dependable, Autonomic and Secure Computing, 14th International Conference on Pervasive Intelligence and Computing, 2nd International Conference on Big Data Intelligence and Computing and Cyber Science and Technology Congress (DASC/PiCom/DataCom/CyberSciTech). IEEE (2016)
Mukkavilli, S.K., Shetty, S.: Mining concept drifting network traffic in cloud computing environments. In: Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (CCGrid 2012). IEEE Computer Society (2012)
Raja, M.C., Rabbani, M.M.A.: Combined analysis of support vector machine and principle component analysis for IDS. In: International Conference on Communication and Electronics Systems (ICCES). IEEE (2016)
Fan, M.-J., et al.: TTRSIS: a cloud computing platform for rice functional genomics research through a reverse genetics approach. In: 2011 IEEE 11th International Conference on Bioinformatics and Bioengineering (BIBE). IEEE (2011)
Kannan, A., et al.: Genetic algorithm based feature selection algorithm for effective intrusion detection in cloud networks. In: Data Mining Workshops (ICDMW). IEEE (2012)
Yin, H., Gai, K., Wang, Z.: A classification algorithm based on ensemble feature selections for imbalanced-class dataset. In: IEEE International Conference on High Performance and Smart Computing (HPSC), 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), and IEEE International Conference on Intelligent Data and Security (IDS). IEEE (2016)
Justin, V., Marathe, N., Dongre, N.: Hybrid IDS using SVM classifier for detecting DoS attack in MANET application. In: 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), pp. 775–778. IEEE (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Bakshi, A., Sunanda (2019). A Comparative Analysis of Different Intrusion Detection Techniques in Cloud Computing. In: Luhach, A., Singh, D., Hsiung, PA., Hawari, K., Lingras, P., Singh, P. (eds) Advanced Informatics for Computing Research. ICAICR 2018. Communications in Computer and Information Science, vol 956. Springer, Singapore. https://doi.org/10.1007/978-981-13-3143-5_30
Download citation
DOI: https://doi.org/10.1007/978-981-13-3143-5_30
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-3142-8
Online ISBN: 978-981-13-3143-5
eBook Packages: Computer ScienceComputer Science (R0)