An Alternative Model Of Virtualization Based Intrusion Detection System In Cloud Computing
Partha Ghosh, Ria Ghosh, Ruma Dutta
Index Terms: Cloud Computing, Cloud Service Provider(CSP), Host based Intrusion Detection System(HIDS), Intrusion Detection System(IDS), IDS Controller, Network based Intrusion Detection System(NIDS), Third Party, Virtualization.
Abstract: The massive jumps in technology led to the expansion of Cloud Computing as the most accepted medium for communication but it has also increased the scope of attacks as well. So security has become a major issue for Cloud Computing. In this paper we proposed a single IDS Controller creating and managing multiple instances for each user. A multithreaded NIDS protects the cloud efficiently and avoids the traffic congestion for large volume of data. In order to detect encrypted and fragmented data, HIDS is also deployed in the hypervisor for detailed monitoring over Server. Analyzing all the alerts, IDS Controller generates a final report to Cloud Service Provide and an alert report to the cloud user with the help of a Third Party monitoring and advisory service. Our proposed model provides a virtualized environment to protect the Cloud efficiently from vulnerabilities.
 Vieira K, Schulter A, Westphall C, Westphall C. Intrusion detection techniques in grid and cloud computing environment. IEEE IT Professional Magazine, pp.38-43 (2010).
 Dhage S N, Meshram B B, Rawat R, Padawe S, Paingaokar M, Misra A. Intrusion Detection System in Cloud Computing Environment. International Conference and Workshop on Emerging Trends in Technology (ICWET 2011) – TCET, pp.235-239(2011).
 Shelke P K, Sontakke S, Gawande A D. Intrusion Detection System for Cloud Computing. International Journal of Scientific & Technology Research Vol.1, Issue 4, pp.67-71(2012).
 Araújo J D, Abdelouahab Z. Virtualization in Intrusion Detection Systems: A Study on Different Approaches for Cloud Computing Environments. IJCSNS International Journal of Computer Science and Network Security Vol.12, pp.9-16(2012).
 Mohod A G, Alaspurkar S J. Analysis of IDS for Cloud Computing. International Journal of Application or Innovation in Engineering & Management (IJAIEM) Vol.2, Issue 3, pp.344-349(2013).
 Ubhale P R, Sahu A M. Securing Cloud Computing Environment by means of Intrusion Detection and Prevention System (IDPS). International Journal of Computer Science and Management Research Vol.2, Issue 5, pp.2430-2435(2013).
 Zarrabi A, Zarrabi A. Internet Intrusion Detection System Service in a Cloud. IJCSI International Journal of Computer Science Issues Vol.9, Issue 5, pp.308-315(2012).
 Agrawal G, Kamble M, Proposed Multi-Layers Intrusion Detection System (MLIDS) Model. International Journal of Computer Science and Information Technologies (IJCSIT) Vol.3, pp.5040–5042(2012).
 Charan N R G, Rao S T, Srinivas P V S. Deploying an Application on the Cloud. (IJACSA) International Journal of Advanced Computer Science and Applications Vol.2, pp.119-125(2011).
 Gupta P, Kaliyar P. History Aware Anomaly Based IDS for Cloud IaaS. International Journal of Computers & Technology Vol.10, pp.1779-1784(2013).
 Singh S K, Chaurasia N, Sharma P. Concept & Proposed Architecture of Hybrid Intrusion Detection System using Data Mining. International Journal of Engineering and Advanced Technology (IJEAT) Vol.2, Issue 5, pp.274-276(2013)
 Gupta B B, Joshi R C, Misra M. Distributed Denial of Service Prevention Techniques. International Journal of Computer and Electrical Engineering Vol.2, pp.268-276(2010).
 Kanika, Urmila. Security of Network Using Ids and Firewall. International Journal of Scientific and Research Publications Vol. 3, Issue 6, pp.1-4(2013).
 S Shalini, S Usha. Prevention Of Cross-Site Scripting Attacks (XSS) On Web Applications In The Client Side. International Journal of Computer Science Issues (IJCSI) Vol.8, Issue 4, pp.650-654(2011).