01-10-2014, 12:54 PM
Intrusion Detection System on Cloud to Monitor Malicious Activities to Protect Cloud
Project Report
Introduction
The prime disadvantage of cloud computing is security.
Several common intrusions in the cloud:
Insider attack.
Flooding attack.
User to root attacks.
Port Scanning, etc.
Detecting and responding to these attacks is important for enhancing security.
An intrusion detection system (IDS) is a practical solution to resist these kinds of attacks.
Intrusion Detection System
An IDS usually monitors, collects and analyzes logs, network traffic and user actions in order to identify suspicious behavior.
It is capable of sending an early alarm upon risk of exposure caused by any attack.
Its aim is to alert or notify the system that some malicious activity has taken place.
It is composed of several components:
-sensor
-console
-central engine
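The three components listed above can be sketched as a small pipeline that flags two of the intrusions named in the introduction, port scanning and flooding. This is an added example, not code from the original report; the record format, thresholds, function names and addresses are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample connection records: (timestamp_s, src_ip, dst_ip, dst_port)
SAMPLE = (
    [(i * 0.1, "10.0.0.5", "10.0.1.10", 20 + i) for i in range(30)]   # many ports: scan
    + [(i * 0.01, "10.0.0.9", "10.0.1.10", 80) for i in range(300)]   # one port, high rate: flood
    + [(i * 2.0, "10.0.0.7", "10.0.1.10", 443) for i in range(5)]     # ordinary client
)

WINDOW_S = 10.0     # assumed sliding-window length in seconds
SCAN_PORTS = 20     # assumed threshold: distinct ports per source per window
FLOOD_CONNS = 200   # assumed threshold: connections per source per window


def sensor(records):
    """Sensor: normalise raw records into events ordered by time."""
    for ts, src, dst, port in sorted(records):
        yield {"ts": ts, "src": src, "dst": dst, "port": port}


def central_engine(events):
    """Central engine: per-source sliding-window analysis, returns alerts."""
    recent = defaultdict(list)   # src -> events still inside the window
    alerts, raised = [], set()
    for ev in events:
        win = recent[ev["src"]]
        win.append(ev)
        while win and ev["ts"] - win[0]["ts"] > WINDOW_S:
            win.pop(0)           # drop events older than the window
        ports = {e["port"] for e in win}
        if len(ports) >= SCAN_PORTS:
            kind = "port_scan"
        elif len(win) >= FLOOD_CONNS:
            kind = "flooding"
        else:
            continue
        if (ev["src"], kind) not in raised:   # alert once per source and kind
            raised.add((ev["src"], kind))
            alerts.append({"ts": ev["ts"], "src": ev["src"], "kind": kind})
    return alerts


def console(alerts):
    """Console: render alerts as lines for the operator."""
    return [f"[{a['ts']:7.2f}s] {a['kind']:9s} from {a['src']}" for a in alerts]


if __name__ == "__main__":
    print("\n".join(console(central_engine(sensor(SAMPLE)))))
```

In a real deployment the thresholds would be tuned against baseline traffic, since a busy legitimate client can exceed a fixed connection count.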
Literature Survey
C. Modi et al. (2013) [1] surveyed different intrusions affecting the availability, confidentiality and integrity of Cloud resources and services. They examined proposals incorporating Intrusion Detection Systems (IDS) in the Cloud, discussed various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommended IDS/IPS positioning in the Cloud architecture to achieve the desired security in next-generation networks.
Literature Survey (cont…)
P.K. Shelke et al. (2012) [2] suggested that providing security in a distributed system requires more than user authentication with passwords or digital certificates and confidentiality in data transmission. The distributed model of the cloud makes it vulnerable and prone to sophisticated distributed intrusion attacks like Distributed Denial of Service (DDoS) and Cross Site Scripting (XSS). To handle large-scale network access traffic and administrative control of data and applications in the cloud, a new multi-threaded distributed cloud IDS model has been proposed. Their proposed cloud IDS handles a large flow of data packets, analyzes them and generates reports efficiently by integrating knowledge and behavior analysis to detect intrusions.
Problem Definition
In Cloud computing there are 3 security issues: confidentiality, integrity and availability (CIA).
An Intrusion Detection System (IDS) is used to resist attacks on these.
Intrusion detection functions include:
-Monitoring and analyzing both user and system activities.
-Analyzing system configurations and vulnerabilities.
-Assessing system and file integrity.
-Ability to recognize patterns typical of attacks.
-Analysis of abnormal activity patterns.
-Tracking user policy violations.
Discussion and Summary
The top seven security threats are:
1. Misuse and Vicious Use of Cloud Computing
2. Insecure Application Programming Interfaces
3. Malicious Insiders
4. Shared Technology Vulnerabilities
5. Data Loss or Data Leakage
6. Account Service and Traffic Hijacking
7. Unknown Risk Profile
We will concentrate on the data loss or data leakage threat.
Work to be carried out
Create a mechanism to detect data loss or leakage.
Provide a solution to resist data loss and leakage.
Create a database of different attacks on a machine connected to a LAN.
Carry out a comparative study of our proposed system against existing IDS systems.