Moving services to the Cloud is a trend that has steadily gained popularity over recent years, with a constant increase in the sophistication and complexity of such services. Today, critical infrastructure operators are considering moving their services and data to the Cloud. Infrastructure vendors will inevitably take advantage of the benefits Cloud Computing has to offer. As Cloud Computing grows in popularity, new models are deployed to exploit its capacity further, one of which is the Cloud federation. A Cloud federation is an association among different Cloud Service Providers (CSPs) with the goal of sharing resources and data. By providing a larger-scale and higher-performance infrastructure, federation enables on-demand provisioning of complex services. In this paper we outline our proposed methodology for robust collaborative intrusion detection in a federated Cloud environment. For collaborative intrusion detection we use the Dempster-Shafer theory of evidence to fuse the beliefs provided by the monitoring entities and reach the final decision regarding a possible attack. Protecting the federated Cloud against cyber attacks is a vital concern, due to the potential for significant economic consequences.