ABSTRACT
Cloud computing is a new paradigm based on distributed services. It allows to reduce costs and simplify the management of resources. Positioning the cloud in an operational environment provides easy and quick access to computing resources anywhere, anytime, with any device. However, it is deployed in virtual resources to provide services to public customers and private organizations. In fact, without security measures, distributed cloud services are vulnerable. It acquires knowledge about vulnerabilities, attacks, activities of attackers and tools to secure it. In this paper, we will propose a framework for detecting and repairing distributed intrusions in private cloud. However, we focus on the security of virtual network in virtualized environment. In order to secure inside or outside communication of virtual machines, we suggest using our framework based on snort, mobile agents and virtual firewall. This framework allows to reach three objectives: the first, detection intrusion in a virtual environment using mobile agents for collecting malicious data. The second, generating new signatures from malicious data, which were collected in the first phase. Finally, dynamic deployment of remote response actions using virtual firewall. By this type of close-loop control, the collaborative network security management framework can identify and address new distributed attacks more quickly and effectively.
- M. Firdhous, O. Ghazali and H. Suhaidi. "Trust Management in Cloud Computing: A Critical Review" International Journal on Advances in ICT for Emerging Regions, 2011.Google Scholar
- H. Wu, Y. Ding, C. Winer, and L. Yao, "Network security for virtual machine in cloud computing", 5th International Conference on Computer Sciences and Convergence Information Technology (ICCIT), Seoul, pp. 18--21, 2010.Google Scholar
- N. Modi et all "Virtualization layer security challenges and intrusion detection/prevention systems in cloud computing: a comprehensive review", The Journal of Supercomputing,. 2016.Google Scholar
- J. D. Araújoet et all, "EICIDS-elastic and internal cloud-based detection system", International Journal of Communication Networks and Information Security (IJCNIS), 2015.Google Scholar
- Hai J, Guofu Xet all, AVMM-based intrusion prevention system in cloud computing environment. J Supercomput Springer Sci, 2013.Google Scholar
- Vieira K, Schulter A, Westphall C, Westphall C, Intrusion detection techniques in grid and cloud computing environment. IEEE, 2010.Google Scholar
- Zayed Al Haddad, Mostafa Hanoune and Abdelaziz Mamouni. "A Collaborative Network Intrusion Detection System (C-NIDS) in Cloud Computing", International Journal of Communication Networks and Information Security (IJCNIS) Vol. 8, No. 3, December 2016Google Scholar
- Toumi, H., B. Marzak, A. Talea, A. Eddaoui, and M. Talea. "Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment", International Journal of Interactive Multimedia and Artificial Intelligence, Vol. 4, 2017Google Scholar
- H. Toumi, A. Talea, B. Marzak, A. Eddaoui, M. Talea, "Cooperative Trust Framework for Cloud Computing Based on Mobile Agents". International Journal of Communication Networks and Information Security (IJCNIS) Vol. 7, No. 2, August 2015Google Scholar
- H. Toumi, A. Eddaoui and M. Talea." Cooperative Intrusion Detection System Framework Using Mobile Agents for Cloud Computing". Journal of Theoretical and Applied Information Technology 10th December 2014. Vol.70 No.1Google Scholar
- Kaaviyan Kanagasabapathi, S. Deepak and P. Prakash. "A Study on Security Issues in Cloud Computing", Springer India 2016.Google ScholarCross Ref
- Keiko H, DavidGR, Eduardo FM, Eduardo BF. An analysis of security issues for cloud computing. J Internet Serv Appl, 2013.Google Scholar
- H. Toumi, M. Talea, K. Sabiri, A. Eddaoui. "Toward a trusted framework for cloud computing", International Conference on Cloud Computing Technologies and Applications CLOUDTECH, IEEE, 2015. Google ScholarCross Ref
- N. Afzali Seresht, R. Azmi. "MAIS-IDS: A distributed intrusion detection system using multi-agent AIS approach". Engineering Applications of Artificial Intelligence 35, 2014. Google ScholarDigital Library
- Fahad F. Alruwaili and T. Aaron Gulliver. "CCIPS: A Cooperative Intrusion Detection and Prevention Framework for Cloud Services", Int. J Latest Trends Computing, December 2013.Google Scholar
- Amirreza Zarrabi and Alireza Zarrabi, "Internet Intrusion Detection System Service in a Cloud". International Journal of Computer Science Issues, September 2012.Google Scholar
- Paweł Lubomski, Andrzej Kalinowski, Henryk Krawczyk. "Multi-level Virtualization and Its Impact on System Performance in Cloud Computing". Proceedings, 23rd International Conference, CN 2016, Brunów, Poland, Springer, June 14--17, 2016, Switzerland. Google ScholarCross Ref
- Kamaruzaman Maskat, Mohd Afizi Mohd Shukran, Mohammad Adib Khairuddin. "Using Agent Based SNORT in Intrusion Detection Systems", International Conference on Industrial and Intelligent Information (ICIII 2012) IPCSIT vol.31, 2012Google Scholar
- Youssef Mifrah, Abdeslam En-Nouaary, Mohamed Dahchour. "An Abstract Framework for Introducing Computational Trust Models in JADE-Based Multi-Agent Systems", Advances in Ubiquitous Networking, Springer, 2016Google ScholarCross Ref
- Sho Oishi, Naoki Fukuta. "A Cooperative Task Execution Mechanism for Personal Assistant Agents Using Ability Ontology", 2016 IEEE/WIC/ACM International Conference on Web Intelligence (WI), IEEE, 2017Google Scholar
- AfnanFahim, AbderrahmenMtibaa, and Khaled A. Harras," Making the Case For Computational Offloadingin Mobile Device Clouds", June 2013.Google Scholar
- David I. Fadaraliki, S. Rajendran. "Process Offloading from Android Device to Cloud Using JADE", International Conference on Circuit, Power and Computing Technologies, 2015.Google Scholar
- Jaydip Sen. "A Distributed Intrusion Detection System Using Cooperating Agents", In Proceedings of the 3rd International Conference on Information Processing (ICIP'09), August 7-9, Bangalore, 2009, pp. 559--568.Google Scholar
Recommendations
Implementing Hy-IDS, Mobiles Agents and Virtual Firewall to Enhance the Security in IaaS Cloud
AbstractThe growth in customer requirements, big data analysis and pressures on response time, high costs of network platforms pushed companies to migrate to Cloud Computing providing on demand internet hosted IT services. The increase of Cloud users and ...
A Virtual Firewall Mechanism Using Army Nodes to Protect Cloud Infrastructure from DDoS Attacks
AbstractCloud is not exempted from the vulnerability of Distributed Denial of Service (DDoS) attack, a serious threat to any distributed network and has considerably less effective solutions to deploy in the network. This paper introduces a novel ...
Secure Networking for Virtual Machines in the Cloud
CLUSTERW '12: Proceedings of the 2012 IEEE International Conference on Cluster Computing WorkshopsCloud computing improves utilization and flexibility of allocating computing resources while reducing the infrastructural costs. However, cloud technology is still proprietary in many cases and is tainted by security issues rooted in the multi-tenant ...
Comments