Abstract
Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS) based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA) and network intrusion detection system (NIDS). Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM) under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts, transfer data malicious and transfer update of a database of neighboring IDS in the cloud. With this technique, the neighboring IDS will use these new signatures to protect their area of control against the same type of attack. By this type of close-loop control, the collaborative network security management framework can identify and address new distributed attacks more quickly and effectively.
Highlights
Introduction[1][2]. Cloud services allow individuals and enterprises to use software and hardware that are managed by providers at remote locations
We present a new approach based on the improvement of collaboration among Hybrid Intrusion Detection System (HyIDS), Signature Generation Algorithm (SGA), Mobile Agents (MA) and Firewall
When for example our VM migrates from server machine to another one, it is still possible to perform intrusion detection as our investigative Mobile Agent (IMA) can migrate just like VMs, and the same rule applies to other mobile agents (Transfer Mobile Agents and Mobile Agent Update)
Summary
[1][2]. Cloud services allow individuals and enterprises to use software and hardware that are managed by providers at remote locations. Security is considered to be one of the most critical aspects in cloud computing environment due to the confidential and important information stored in the cloud [5][6] Network security appliances, such as Intrusion Detection Systems (IDS) is widely deployed in advantage points and play an important role in protecting the network from attacks. Due to different deployment mechanisms, we can distinguish different types of IDS; IDS can be categorized as softwarebased IDS, hardware-based IDS, and VM-based IDS [7] Most of these appliances work without collaboration, their detection results are isolated and cannot be collected and analyzed systematically. The cooperation between Hy-IDS, Firewall and mobile agents present what is called a Framework This framework allows to reach four objectives: the first, detection intrusion in a virtual environment using mobile agents for collecting malicious data. Cloud computing architecture introduces many technologies including server virtualization, Network Virtualization (NV), and Network Function Virtualization (NFV) to enhance the essential characteristics of cloud computing
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Interactive Multimedia and Artificial Intelligence
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
