Abstract
Cloud computing provides network based access to computing and data storage services on a pay per usage model. Cloud provides better utilization of resources and hence a reduced service access cost to individuals. Cloud services include software as a service, platform as a service, and infrastructure as a service. Cloud computing virtually and dynamically distributes the computing and data resources to a variety of users, based on their needs, with the use of virtualization technologies. As Cloud computing is a shared facility and is accessed remotely, it is vulnerable to various attacks including host and network based attacks (Brown 2012, and Grance 2009) and hence requires immediate attention. This paper identifies vulnerabilities responsible for well-known network based attacks on cloud and does a critical analysis on the security measures available in cloud environment. This paper focuses on a nonconventional technique for securing cloud network from malicious insiders and outsiders with the use of network profiling. With network profiling, a profile is created for each virtual machine (VM) in cloud that describes network behavior of each cloud user (an assigned VM). The behavior gathered is then used for determination (detection) of network attacks on cloud. The novelty of the approach lies in the early detection of network attacks with robustness and minimum complexity. The proposed technique can be deployed with minimal changes to existing cloud environment. An initial prototype implementation is verified and tested on private cloud with a fully functional implementation under progress.
Highlights
Cloud computing according to National Institute of Standards and Technology (NIST) is a service that is provided in the form of computing power and data storage, remotely over internet with minimal efforts for resource allocation, management, and release [1]
The concept is of creating a VM profile db that will describe the attack patterns that needs to be looked over on the VM specific traffic
The VM profile db contains the attacks in a ranked manner which will ensure timely detection as the patterns will be searched in the traffic in a ranked manner
Summary
Cloud computing according to National Institute of Standards and Technology (NIST) is a service that is provided in the form of computing power and data storage, remotely over internet (network based access) with minimal efforts for resource allocation, management, and release [1]. Cloud computing provides three major services to its users at various layers of computing. These include [1] the following:. A user has full control on which software to run and International Journal of Distributed Sensor Networks how the software will behave but has dependency on the platform support such as compilers, operating system, and execution frameworks provided by cloud vendor,. The major facility that Cloud computing provides and that makes it different is that it is highly scalable form of computing and can be allocated, reallocated, and released with minimal managerial efforts [1]
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Distributed Sensor Networks
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
