The elasticity and abundant availability of computational resources are attractive to intruders exploit vulnerabilities of the cloud, thus being able to launch attacks against legitimate users to gain access to private and privileged information. The Intrusion Detection Systems are presented as a possible solution for protection; however, to effectively protect cloud users, it must have the ability to expand, rapidly increased or decreased the amount of sensors, according to the provisioning resources, and isolate the access to infrastructure and system levels. Protection against internal threats should also be planned, as most of the protection systems do not identify them properly. In order to solve these problems, we present the EICIDS - Elastic and Internal Cloud-based Intrusion Detection System, which monitors the internal environment of the cloud, entering sensor data capture in the local network of user´s VMs, thus being able to detect suspicious behavior of users. For this, the EICIDS uses the characteristics of virtual machines (such as fast boot, quick recovery, stop, migrate between different hosts and execution across multiple platforms) in order to monitor and protect the environment of cloud computing, with the growth or reduction of the cloud in order to save resources.
Read full abstract