A multi-criteria analysis of intrusion detection architectures in cloud environments

Abstract

Cloud computing promises to increase innovation and the velocity with which applications are deployed all while helping any enterprise meet most IT service needs at a lower total cost of ownership and higher return investment. As the march of cloud continues, it brings both new opportunities and new security challenges. To take advantage of those opportunities while minimizing risks, we argue that Intrusion Detection Systems (IDS) integrated in the cloud is one of the best existing solutions nowadays in the field. The concept of intrusion detection was known since past and was first proposed in 1980s. Since that time IDSs are evolving. However, even several efforts have been made in the area of Intrusion Detection Systems for cloud computing environment, many attacks still prevail. Therefore, the work presented in this paper proposes a multi-criteria analysis and a comparative study between several IDS architectures designed to work in cloud computing environments. To achieve this objective, in the first place we will search in the state of the art for several consistent IDS architectures designed to work in a cloud environment. Whereas, in a second step we will establish the criteria that will be useful for the evaluation of architectures. Later, using the approach of multi-criteria decision analysis MacBeth (Measuring Attractiveness by a Categorical Based Evaluation Technique) we will evaluate the criteria and assign to each one the appropriate weight according to their importance in the field of IDS architectures in cloud computing. The last step is to evaluate architectures against the criteria and collecting results of the model constructed in the previous steps.