Abstract
Cloud computing provides a framework that lets end users easily attach to powerful services and applications over the Internet. Providing secure and reliable services in a cloud computing environment is an important issue. To counter a variety of attacks, especially large-scale coordinated attacks, a framework for a Collaborative Intrusion Detection System (IDS) is proposed. The proposed system could reduce the impact of these kinds of attacks by providing timely notifications about new intrusions to Cloud users' systems. To provide this ability, the IDSs in the cloud computing regions both correlate alerts from multiple elementary detectors and exchange knowledge about interconnected Clouds with each other. Another advantage of the system is the isolation of detectors from compromised hosts, which protects the detectors from evasion or infection.
Acknowledgements
This work was partly supported by the IT R&D program of MKE (The Ministry of Knowledge Economy)/KEIT (Korea Evaluation Institute of Industrial Technology) [10035321, Terminal Independent Personal Cloud System].
Copyright information
© 2012 Springer Science+Business Media B.V.
About this paper
Cite this paper
Man, N.D., Huh, EN. (2012). A Collaborative Intrusion Detection System Framework for Cloud Computing. In: Kim, K., Ahn, S. (eds) Proceedings of the International Conference on IT Convergence and Security 2011. Lecture Notes in Electrical Engineering, vol 120. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-2911-7_8
DOI: https://doi.org/10.1007/978-94-007-2911-7_8
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-2910-0
Online ISBN: 978-94-007-2911-7
eBook Packages: Engineering, Engineering (R0)