{"title":"Deployment of Intrusion Detection System in Cloud: A Performance-Based Study","authors":"Varun Mahajan, S. K. Peddoju","doi":"10.1109/Trustcom/BigDataSE/ICESS.2017.359","DOIUrl":null,"url":null,"abstract":"The aim of Cloud Computing environment is to provide low-cost, reliable, rapid, on-demand services to the users anywhere and anytime. But with its rapid development the security challenges are numerous. The capability of the malicious users to compromise cloud security from outside and inside has increased manyfold. Hence organizations and users are skeptical about the security of cloud-based services. To detect various attack patterns there are different deployment scenarios and detection methods of intrusion detection system (IDS) a cloud administrator can adopt. The Network IDS and Host IDS techniques have gone a long way in detection of known and unknown attacks in cloud Infrastructure as a Service (IaaS). This paper focuses on deployment of signature-based IDS for detection of intrusion at network level and cloud VM instances. It discusses the flow of traffic in provider and self-service provider network architecture in OpenStack environment and use of port mirroring to detect intrusion. The results evaluate the CPU and memory performance measure of IDS and management of the alerts generated due to malicious and non-malicious traffic at varying speed.","PeriodicalId":170253,"journal":{"name":"2017 IEEE Trustcom/BigDataSE/ICESS","volume":"33 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE Trustcom/BigDataSE/ICESS","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.359","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Deployment of Intrusion Detection System in Cloud: A Performance-Based Study
The aim of Cloud Computing environment is to provide low-cost, reliable, rapid, on-demand services to the users anywhere and anytime. But with its rapid development the security challenges are numerous. The capability of the malicious users to compromise cloud security from outside and inside has increased manyfold. Hence organizations and users are skeptical about the security of cloud-based services. To detect various attack patterns there are different deployment scenarios and detection methods of intrusion detection system (IDS) a cloud administrator can adopt. The Network IDS and Host IDS techniques have gone a long way in detection of known and unknown attacks in cloud Infrastructure as a Service (IaaS). This paper focuses on deployment of signature-based IDS for detection of intrusion at network level and cloud VM instances. It discusses the flow of traffic in provider and self-service provider network architecture in OpenStack environment and use of port mirroring to detect intrusion. The results evaluate the CPU and memory performance measure of IDS and management of the alerts generated due to malicious and non-malicious traffic at varying speed.