Toward a trusted framework for cloud computing

Abstract

Cloud Computing is evolving as a key computing platform for sharing resources that include infrastructures, software, applications, and business. However, Cloud Computing is still a matter of great concern for a cloud user to trust security and reliability of cloud services. Cloud Computing is undergoing an incontestable success, which could be indeed compromised by concerns about the risks related to potential misuse of this model aimed at conducting illegal activities. There is major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To overcome these kinds of attacks, we propose a framework of cooperative Hybrid Intrusion Detection System (Hy-IDS) and Mobile Agents. Then, our Hybrid IDS consists of two types of IDS, which are dispatched over three layer of cloud computing. Therefore, in the first layer our framework allows to collect, analyze and detect malicious data using the first type of IDS and Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures, based on a Signature Generation Algorithm (SGA) and network intrusion detection system (NIDS). However, these new signatures are used to update the database of the IDS. The mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts, transfer data malicious and transfer update of a database of neighboring IDS in the cloud. Therefore, the neighboring IDS will use these new signatures to protect their area of control against the same type of attack. Applying this close-loop control, the collaborative network security management framework could identify and address new distributed attacks more quickly and effectively.