Abstract

In order to overcome the provisioning and scalability limits of a single cloud, cloud federation appears as the computing model in which multiple resources from independent cloud providers can be shared to create large-scale distributed virtual clusters. On the other hand, these complex architectures become an attractive target for distributed denial of service DDoS attacks. Although federated cloud environments have large amount of resources and profound dynamic allocation capability, which can be used to face DDoS attacks, they are however vulnerable to attacks that aim at compromising the service level agreements. In this paper, we investigate the key research topics for supporting distributed intrusion detection in a federated cloud environment. We propose a scalable intrusion detection solution, which can be used by cloud providers to protect the federated cloud infrastructure, as well as offered to the cloud service providers to monitor the hosted applications. We present a multi-layer architecture, which exploits a publish/subscribe middleware to collect and share security information in the federated cloud infrastructure. Moreover, we present an open-source framework, which provides features and interfaces to develop and deploy security components, as well as to define customised event correlation rules used to detect possible inter-cloud attacks.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.