A Collaborative Intrusion Detection System Framework for Cloud Computing

  • Conference paper
Proceedings of the International Conference on IT Convergence and Security 2011

Part of the book series: Lecture Notes in Electrical Engineering (LNEE, volume 120)

Abstract

Cloud computing provides a framework that lets end users easily attach powerful services and applications through the Internet. Providing secure and reliable services in a cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework for a Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks by providing timely notifications about new intrusions to cloud users' systems. To provide this ability, IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge of interconnected clouds with each other. Another advantage of the system is the isolation between detectors and compromised hosts, which protects the detectors from evasion or infection.



Acknowledgements

This work was partly supported by the IT R&D program of MKE (The Ministry of Knowledge Economy)/KEIT (Korea Evaluation Institute of Industrial Technology) [10035321, Terminal Independent Personal Cloud System].

Author information

Corresponding author

Correspondence to Nguyen Doan Man.

Copyright information

© 2012 Springer Science+Business Media B.V.

About this paper

Cite this paper

Man, N.D., Huh, EN. (2012). A Collaborative Intrusion Detection System Framework for Cloud Computing. In: Kim, K., Ahn, S. (eds) Proceedings of the International Conference on IT Convergence and Security 2011. Lecture Notes in Electrical Engineering, vol 120. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-2911-7_8

  • DOI: https://doi.org/10.1007/978-94-007-2911-7_8

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-007-2910-0

  • Online ISBN: 978-94-007-2911-7

  • eBook Packages: Engineering, Engineering (R0)
