Framework to detect and repair distributed intrusions based on mobile agent in hybrid cloud
Abir KHALDI 1, Kamel KAROUI 1, Henda BEN GHEZALA 1
1 RIADI Laboratory, ENSI, University of Manouba, Manouba, Tunisia

Abstract - Cloud computing is an emerging paradigm based on distributed services. It is deployed on virtual resources to provide services to public customers and private organizations. Generally, without security measures, distributed cloud services are vulnerable. In this paper, we propose a framework for detecting and repairing distributed intrusions in a hybrid cloud. Our framework is based on secure mobile agents.

Keywords: Cloud computing, security, IDS, Mobile Agent.

1. Introduction

Cloud providers offer services according to their customers' requirements. There are some security issues associated with cloud services. These issues fall into two broad categories: security issues faced by cloud providers and security issues faced by customers. In most cases, the providers must ensure the security of their infrastructure and the integrity of their clients' data, while the customer must ensure that the provider has taken the proper security measures to protect his information. Because of their distributed nature, cloud computing environments are easy targets for intruders looking to explore possible vulnerabilities. The first line of defense against attackers is to deploy a firewall to filter unauthorized access, then an IDS (Intrusion Detection System) to detect incoming attacks.

Figure 1. Firewall and NIDS in the Cloud architecture

In figure 1, we have an NIDS (Network IDS) to monitor all cloud network traffic. When an attack occurs, the NIDS alerts the cloud administrator. In [1], we proposed a secure cloud architecture based on an NIDS as a second line of defense after the firewall. The NIDS has proven effective at detecting attacks. But attacks can be distributed between cloud nodes and be hidden from the NIDS.
So, to detect them, we propose a framework implementing:
- A HIDS (Host IDS) in every virtual machine (VM)
- An intelligent process to correlate the HIDS alerts
- Secure agents to execute the correlation process

We focus on deploying this framework in a hybrid cloud environment to:
- Phase 1: Detect distributed attacks
- Phase 2: Evaluate the attack risks
- Phase 3: Repair attacks

In this paper, we propose a framework based on secure mobile agents to detect distributed intrusions and repair the vulnerabilities in a hybrid cloud. The repair phase consists of adding a new security policy to the firewall.

The remainder of this paper is organized as follows. Section 2 discusses some related works in the area of mobile agent based IDS. In the next sections, we describe our proposed framework using mobile agents to detect and repair intrusions. Then we explain the implementation prototype in section 5 and evaluate the results in section 6. Finally, we give conclusions in section 7.

2. Related work

The IDS is based on a simple architecture of two components: a collection component and an analyzer component. This architecture is effective only for small collections of monitored hosts. In fact, centralized analysis limits the ability to scale up to handle larger collections. Therefore, mobile agent-based intrusion detection systems, such as Autonomous Agents for Intrusion Detection (AAFID) [2], follow a hierarchical structure. So, if any part of the internal nodes is disabled, the functioning of that branch of the IDS will be disqualified. In addition, those architectures are not flexible, not completely distributed and are not able to respond to attacks against the intrusion detection system itself.
Using mobile agents in the IDS is considerably important for reducing the network load. In this case, agent communications should be secured. This issue, which has been neglected by most related works, will be one of the main concerns when we design our framework. It will be based on secure mobile agents to detect distributed intrusions in hybrid cloud. Table 1 illustrates a comparative study of related works.

Table 1. Comparing properties of previous related work

Related work | Architecture | Network load | Scalability | Description
[2] | Hierarchical | Distributed towards root node | | Increasing the resistance to the failure of a specific component by using data and function redundancy.
[3][4] | Hierarchical | Distributed towards root node | | Using mobile agents to trace intruders among the various hosts involved in an intrusion.
[5][6] | Centralized | Distributed towards root node | | Agents are composed dynamically using a genetic algorithm, which continually attempts to maximize the likelihood of discovering existing vulnerabilities.
[7] | Hierarchical | Distributed towards a gateway agent | | An approach was proposed to detect distributed intrusions among the network by various agents.
[8] | Centralized | Symmetrical | High | The presented intrusion detection system, DIDMA, is designed by keeping in mind the notions of flexibility, scalability and platform independence.
[9] | Hierarchical | Distributed towards upper level | Low | They show how dynamic aggregation provides a mechanism for extending existing objects and allows us to quickly add new features to the system.
[10] | Peer to peer | Symmetrical | High | A virtual neighborhood is created where neighbors take on the task of looking out for each other.
[11] | Peer to peer | Symmetrical | High | Applying mobile agent technology to provide intrusion detection for cloud applications regardless of their locations.

Scalability, [2] to [7]: Low, Low. Resistibility: of, of, of, of. Agent security: No security approach.

3. Proposed mobile agent framework in hybrid cloud

In this section, we define the cloud environment of our framework, its objectives, components and functions.

3.1 Cloud environment

The deployment models of cloud computing are [12]:
- Public cloud: The cloud infrastructure is provisioned for open use by the general public. It may be owned, managed, and operated by a business, academic, or government organization, or some combination of them. It exists on the premises of the cloud provider.
- Private cloud: The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.
- Hybrid cloud: The cloud infrastructure is a composition of two or more distinct cloud infrastructures (private, community, or public) that remain unique entities but are bound together by standardized or proprietary technology that enables data and application portability (e.g., cloud bursting for load balancing between clouds).
- Community cloud: The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.

In our proposed framework, we focus on detecting intrusions in hybrid cloud.

3.2 Framework objectives

The main framework objectives are:
- Distributing correlation and decreasing network load: To supervise all the network nodes, a central node should query them and collect the detected intrusion information to analyze it, so the network traffic will increase. Instead, we try to adopt a distributed correlation system based on mobile agents, reducing the network load through the migration of agents from one node to another.
- Reducing CPU load for each cloud node: We try to distribute the workload of detecting intrusions between nodes instead of centralizing it on one principal node.
- Securing communication: We want to adopt a secure mobile agent platform with encrypted communication between agents in order to avoid any intrusion.
- Detecting distributed intrusions: An attack against a cloud computing system can be silent and not detected in only one node. In fact, cloud-specific attacks don't necessarily leave traces in one node. In this way, we propose to analyze IDS traces using data mining to detect new attacks.

3.3 Framework components

Our framework is based on six actors described as follows (see figure 2):
1. An IDS: An IDS is deployed in each node (VM) in the hybrid cloud (private and public). The IDS monitors the traffic, detects intrusions and saves them in its database.
2. Correlated Mobile Agent: It is a mobile agent dispatched to each node in the cloud area. The correlated mobile agent contains the rules to verify in each node using the alerts saved in the IDS database.
   At the same time, the framework supports two correlated mobile agents, one in each cloud area (public, private), to rapidly get a whole picture of the hybrid cloud intrusions.
3. A Public Cloud Agent (PbCA): It is a static agent implemented in the administrator node in the public cloud. This agent dispatches a correlated mobile agent to detect intrusions and come back with all the results of the correlation process.
4. A Private Cloud Agent (PvCA): It is a static agent implemented in the administrator node in the private cloud. This agent dispatches a correlated mobile agent to detect intrusions and come back with all the results of the correlation process.
5. A Hybrid Cloud Agent (HCA): It is a static agent implemented in the administrator node in the hybrid cloud. This agent queries the PbCA and the PvCA to start the detection process in order to evaluate the security level in the hybrid cloud.
6. A Static Agent: The static agent is implemented in each VM to receive the correlated mobile agent.

Figure 2. Mobile Agent Framework in Hybrid Cloud

3.4 Framework Functions

We describe the different functions and interactions between agents to detect distributed intrusions in figure 3. The HCA can manage the whole hybrid cloud through its cloud areas: public cloud and private cloud. The management can be done for only one cloud area or for the two areas at the same time, depending on the cloud status. Therefore, the HCA asks the PbCA (11) or the PvCA (21), or both of them at the same time, to report the distributed intrusions detected in their cloud in order to audit the hybrid cloud. The PbCA and the PvCA create a correlated mobile agent with all the rules implemented in its code and dispatch it to the cloud (12, 22). The correlated mobile agent migrates to the VM (13, 23). The static agent receives the correlated mobile agent and asks for its password. This step is very important because the static agent (AS) rejects the correlated mobile agent if it is not authenticated. After the static agent receives the correlated mobile agent (14, 24), the information stored in the IDS database is requested through the static agent: the correlated mobile agent does not have permission to access the IDS database directly, so the static agent is the middleware. The correlated mobile agent applies all the rules in its database to detect distributed intrusions in the VM. When finished, the correlated mobile agent moves to the next VM to repeat the same steps done in the first VM. After finishing the detection in all the cloud VMs, the correlated mobile agent reports the results to its Cloud Agent (PbCA (15) or PvCA (25)). The Cloud Agent gives a report to the HCA (16, 26) to supervise the hybrid cloud. If any VM is not connected or broken down, the correlated mobile agent discovers the status and migrates to the next VM to continue its work. The distributed detection process can be launched by the HCA, the PbCA or the PvCA.

Figure 3. Agent Framework intercommunication (step labels: 11. HCA demands the intrusions detected in public cloud from PbCA; 16. PbCA gives report to HCA; 21. HCA demands the intrusions detected in private cloud from PvCA; 26. PvCA gives report to HCA)

4. Mobile agent based framework fixing vulnerabilities in hybrid cloud

When the HCA detects a distributed intrusion, the cloud network administrator should take the necessary security measures and apply them immediately. For that, we propose to extend the framework of section 3 to fix vulnerabilities and avoid intrusions (see figure 4). If intrusions occur, it means that there is a vulnerability in the VM or a missing security policy in the firewall. So the HCA could dispatch a Reparation Mobile Agent (RMA) to:
- the vulnerable VM, to repair it if there is any service to close or to reject any established communication with a malicious user.
- the firewall, to apply new security rules to avoid the intrusions detected. In this way, the firewall should implement a Static Agent to receive the RMA in order to get the rules and apply them.

Figure 4. Repairing of vulnerability in cloud environment

5. Prototype Implementation

The framework proposed in the previous section illustrates how specific features of mobile agents can increase the efficiency of the system and decrease the network load as well (see figure 5). The Bee-gent mobile agent platform has been used for implementation.
Bee-gent technology was first released in 1999 by Toshiba [13], as a new type of pure agent development framework for the advanced network society. Its communication framework is based on the multi-agent model. The Bee-gent framework comprises two types of agents: agent wrappers and mediation agents. Agent wrappers are used to agentify existing applications. They manage the states of the applications they are wrapped around, and invoke the applications when necessary. Mediation agents support inter-application coordination by handling all communications among applications. The mediation agents move from the site of one application to another, where they interact with the remote agent wrappers.

For the IDS, we deployed SNORT [14] in each VM to monitor the system and the network intrusions. We configured Snort to save alerts in its MySQL database for the analysis phase performed by the correlated mobile agent. We chose iptables as the firewall on a Linux machine to manage the repair of vulnerabilities and the application of new security rules.

To implement our architecture, we have chosen the VMware vSphere Hypervisor 5, composed of an ESXi and vSphere Client. The choice of VMware ESXi was made for the following reasons:
- Freeware version
- Solution qualified by the internet community as stable and portable
- Fully managed through vSphere
- Supports hot migration

Figure 5 shows all the framework components to detect and avoid distributed intrusions in the cloud area.
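An added example, not part of the paper or its prototype: one way the static agent on the iptables firewall could turn findings delivered by the RMA (sections 4 and 5) into DROP rules, validating every field before anything reaches the firewall. The finding format, the protected ranges and the function names are assumptions.

```python
import ipaddress

# Assumed ranges that a repair rule must never block (management network,
# loopback); blocking them would cut the cloud agents off from the firewall.
PROTECTED_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "127.0.0.0/8")]
ALLOWED_PROTOS = {"tcp", "udp"}


def build_drop_rule(src_ip, proto, dport):
    """Return an iptables argv list dropping src_ip -> proto/dport, or raise ValueError."""
    # Alert fields derive from attacker-controlled traffic, so parse, never interpolate.
    addr = ipaddress.ip_address(src_ip)  # rejects anything that is not an IP literal
    if addr.version != 4:
        raise ValueError("iptables handles IPv4 only; IPv6 needs ip6tables")
    if any(addr in net for net in PROTECTED_NETS):
        raise ValueError(f"{addr} is inside a protected range")
    if proto not in ALLOWED_PROTOS:
        raise ValueError(f"unsupported protocol {proto!r}")
    port = int(dport)
    if not 1 <= port <= 65535:
        raise ValueError(f"port {port} out of range")
    # An argv list (no shell string), so no field can smuggle in extra options.
    return ["iptables", "-I", "INPUT", "-s", str(addr),
            "-p", proto, "--dport", str(port), "-j", "DROP"]


def to_check_rule(rule):
    """Same rule with -C (check) instead of -I, to test whether it is already installed."""
    return ["-C" if arg == "-I" else arg for arg in rule]


def plan_repair(findings):
    """Validate findings, drop duplicates, and return (rules, rejected)."""
    rules, rejected, seen = [], [], set()
    for finding in findings:
        try:
            rule = build_drop_rule(finding.get("src_ip"),
                                   finding.get("proto"),
                                   finding.get("dport"))
        except (ValueError, TypeError) as exc:
            rejected.append((finding, str(exc)))
            continue
        if tuple(rule) not in seen:  # both cloud areas may report the same source
            seen.add(tuple(rule))
            rules.append(rule)
    return rules, rejected


# Constructed findings, as an RMA might carry them (not real data).
FINDINGS = [
    {"src_ip": "198.51.100.23", "proto": "tcp", "dport": 22},
    {"src_ip": "198.51.100.23", "proto": "tcp", "dport": 22},          # duplicate
    {"src_ip": "10.0.0.5", "proto": "tcp", "dport": 22},               # protected range
    {"src_ip": "203.0.113.5 -j ACCEPT", "proto": "tcp", "dport": 80},  # malformed field
    {"src_ip": "203.0.113.5", "proto": "icmp", "dport": 0},            # unsupported protocol
]

if __name__ == "__main__":
    planned, refused = plan_repair(FINDINGS)
    for rule in planned:
        print(" ".join(rule))
    for finding, reason in refused:
        print("rejected:", finding, "->", reason)
```

Running the `-C` form first and inserting only when it fails keeps repeated repair visits from stacking identical rules.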
Figure 5. Framework components in hybrid cloud (diagram labels: Snort (DB), Firewall (iptables) (AS), Cloud Manager, RMA)

6. Framework Evaluation

In this section, we compare the performance of our mobile agent framework with that of the client/server IDS approach. Our aim is to verify our IDS features and effectiveness. The IDS with the mobile agent approach claims less network load than the client/server approach, by shipping code to data instead of shipping data to code. In figure 6, we compare the network load (number of requests exchanged in the network) for the client/server approach and the mobile agent approach according to the number of machines. The correlated mobile agent is dispatched from the cloud manager (PbCM or PvCM) to each VM in the cloud to detect distributed intrusions and return the results. The number of requests in this case is:

RequestNumber = VMNumber + 1

But when we use the client/server approach, the cloud manager should query each VM to receive a response, so:

RequestNumber = VMNumber * 2

Consequently, the mobile agent concept becomes relatively interesting, especially when the number of VMs increases. The mobile agent approach offers two important agent features:
- When the mobile agent migrates to a broken VM, it moves to another VM to continue its work. Due to this property, we avoid the single point of failure.
- The mobile agent intercommunication should be authenticated and encrypted. This property prevents any attempted attack aiming to intercept agent communication.
Using mobile agents also allows fixing vulnerabilities either in the VM or in the firewall by adding new security rules.

Figure 6. Evaluation of mobile agent versus client/server in IDS Framework (y-axis: number of requests)

7. Conclusion

Cloud computing takes the essence of both mobile agents and virtualization in a way to combine their key benefits.
The VMs are the ideal platforms for agents to execute safely, based on the fact that a virtual machine can be used to provide secure, isolated sandboxes for the mobile agents. In our framework, clouds and virtualization can benefit from the mobile agent approach, which makes it scalable, flexible and cost effective. In our future work, we will test this framework for detecting DDoS attacks in the cloud environment.

8. References

[1] A. Khaldi, K. Karoui, N. Tanbène, H. Ben Ghezala, Secure cloud architecture design, 2nd IEEE International Conference on Mobile Cloud Computing, Services, and Engineering, April 2014, Oxford.
[2] J. Balasubramainyan, J.O. Garcia-Fernandez, D. Isacoff, E.H. Spafford, D. Zamboni, An architecture of intrusion detection using autonomous Agents, Department of Computer Science, Purdue University, COAST TR 98-05.
[3] Wayne Jansen, Peter Mell, Tom Karygiannis, Don Marks, Applying Mobile Agents to Intrusion Detection and Response, NIST Interim Report (IR) 6416, October.
[4] M. Asaka, S. Okazawa, A. Taguchi, and S. Goto, "A Method of Tracing Intruders by Use of Mobile Agents," INET'99, June.
[5] Michael Conner, Chirag Patel, Mike Little, Genetic Algorithm/Artificial Life Evolution of Security Vulnerability Agents, Army Research Laboratory Federal Laboratory 3rd Annual Symposium on Advanced Telecommunications & Information Distribution Research Program (ATIRP), February.
[6] Barrett, Michael, W. Booth, M. Conner, D. Dumas, M. Gaughan, S. Jacobs, M. Little, Intelligent Agents System Requirements and Architecture, Report to ATIRP, p. 5, October.
[7] P. C. Chan and Victor K. Wei, Preemptive Distributed Intrusion Detection using Mobile Agents, Department of Information.
[8] Pradeep Kannadiga and Mohammad Zulkernine, A Distributed Intrusion Detection System Using Mobile Agents, School of Computing, Queen's University, Kingston, Ontario, Canada K7L 3N, DIDMA:, 2005 IEEE.
[9] G. Helmer et al., Lightweight, Agents for intrusion detection, The Journal of Systems and Software 67 (2003).
[10] Geetha Ramachandran and Delbert Hart, A P2P Intrusion Detection System based on Mobile Agents, 2004 ACM /04/04.
[11] Dastjerdi, Amir Vahid, Kamalrulnizam Abu Bakar, and Sayed Gholam Hassan Tabatabaei, Distributed intrusion detection in clouds using mobile agents, Advanced Engineering Computing and Applications in Sciences, ADVCOMP'09, Third International Conference on, IEEE.
[12] Mell, P. & Grance, T., 2011, The NIST Definition of Cloud Computing, NIST Special Publication (Draft). Retrieved )
[13] , Online: (January 2014)
[14] Snort, Online: (December 2013).
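The detection tour of section 3.4 and the request counts of section 6, as an added example that is not the authors' Bee-gent code. The correlation rule (the same source address alerting on at least three VMs), the alert rows, the shared password and all names are assumptions; the paper does not list its rules.

```python
import hmac
from collections import defaultdict

PASSWORD = b"constructed-shared-secret"  # assumed credential, for illustration only

# Constructed sample data: (src_ip, signature) rows as each static agent might
# return them from the local Snort database. Not real traffic.
SAMPLE_ALERTS = {
    "vm-pub-1": [("198.51.100.23", "SSH brute force"), ("192.0.2.9", "ICMP sweep")],
    "vm-pub-2": [("198.51.100.23", "SSH brute force")],
    "vm-pub-3": [("198.51.100.23", "SQL injection attempt"), ("203.0.113.5", "ICMP sweep")],
    "vm-pub-4": [("203.0.113.5", "ICMP sweep")],
}


class StaticAgent:
    """Resident agent on one VM: authenticates visitors and fronts the IDS database."""

    def __init__(self, vm, password, alerts, online=True):
        self.vm, self.password, self.alerts, self.online = vm, password, alerts, online

    def query_alerts(self, presented):
        # Constant-time comparison; the visiting agent never reads the database itself.
        if not hmac.compare_digest(presented, self.password):
            raise PermissionError(f"{self.vm}: agent rejected")
        return list(self.alerts)


def build_cloud(offline=()):
    return [StaticAgent(vm, PASSWORD, rows, online=vm not in offline)
            for vm, rows in SAMPLE_ALERTS.items()]


def correlate(alerts_by_vm, min_vms):
    """Assumed rule: a source seen on at least min_vms distinct VMs is distributed."""
    vms_by_src = defaultdict(set)
    for vm, rows in alerts_by_vm.items():
        for src_ip, _signature in rows:
            vms_by_src[src_ip].add(vm)
    return {src: sorted(vms) for src, vms in vms_by_src.items() if len(vms) >= min_vms}


def mobile_agent_tour(itinerary, password, min_vms=3):
    """One agent hops VM to VM, then returns: reachable VMs + 1 requests."""
    collected, skipped, requests = {}, [], 0
    for agent in itinerary:
        if not agent.online:          # broken VM: note it and move to the next one
            skipped.append(agent.vm)
            continue
        requests += 1                 # one migration
        try:
            collected[agent.vm] = agent.query_alerts(password)
        except PermissionError:
            skipped.append(agent.vm)
    requests += 1                     # report back to the cloud agent
    return {"findings": correlate(collected, min_vms),
            "skipped": skipped, "requests": requests}


def client_server_poll(itinerary, password, min_vms=3):
    """Central manager queries every VM: one query plus one response each."""
    collected, skipped, requests = {}, [], 0
    for agent in itinerary:
        requests += 1                 # query
        if not agent.online:
            skipped.append(agent.vm)
            continue
        requests += 1                 # response
        collected[agent.vm] = agent.query_alerts(password)
    return {"findings": correlate(collected, min_vms),
            "skipped": skipped, "requests": requests}


if __name__ == "__main__":
    print(mobile_agent_tour(build_cloud(), PASSWORD))
    print(client_server_poll(build_cloud(), PASSWORD))
    print(mobile_agent_tour(build_cloud(offline={"vm-pub-2"}), PASSWORD))
```

With vm-pub-2 offline the tour still completes, but the source falls below the three-VM threshold and is no longer reported, which is why the report carries the list of skipped VMs back to the cloud agent.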
More informationComprehensive Monitoring of VMware vsphere ESX & ESXi Environments
Comprehensive Monitoring of VMware vsphere ESX & ESXi Environments Table of Contents Overview...3 Monitoring VMware vsphere ESX & ESXi Virtual Environment...4 Monitoring using Hypervisor Integration...5
More informationWhite Paper. What Auditors Want Database Auditing. 5 Key Questions Auditors Ask During a Database Compliance Audit
5 Key Questions Auditors Ask During a Database Compliance Audit White Paper Regulatory legislation is increasingly driving the expansion of formal enterprise audit processes to include information technology
More informationAPPLICATION OF MULTI-AGENT SYSTEMS FOR NETWORK AND INFORMATION PROTECTION
18-19 September 2014, BULGARIA 137 Proceedings of the International Conference on Information Technologies (InfoTech-2014) 18-19 September 2014, Bulgaria APPLICATION OF MULTI-AGENT SYSTEMS FOR NETWORK
More informationIaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures
IaaS Cloud Architectures: Virtualized Data Centers to Federated Cloud Infrastructures Dr. Sanjay P. Ahuja, Ph.D. 2010-14 FIS Distinguished Professor of Computer Science School of Computing, UNF Introduction
More informationCloud Courses Description
Cloud Courses Description Cloud 101: Fundamental Cloud Computing and Architecture Cloud Computing Concepts and Models. Fundamental Cloud Architecture. Virtualization Basics. Cloud platforms: IaaS, PaaS,
More informationInjazat s Managed Services Portfolio
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
More informationFrom Network Security To Content Filtering
Computer Fraud & Security, May 2007 page 1/10 From Network Security To Content Filtering Network security has evolved dramatically in the last few years not only for what concerns the tools at our disposals
More informationEAaaS Cloud Security Best Practices
EAaaS Cloud Security Best Practices A Technical White Paper by Sennovate Inc Jan 2013 EAaaS Cloud Security Best Practices Page 1 Introduction: Cloud security is an ever evolving subject that is difficult
More informationTIME SCHEDULE. 1 Introduction to Computer Security & Cryptography 13
COURSE TITLE : INFORMATION SECURITY COURSE CODE : 5136 COURSE CATEGORY : ELECTIVE PERIODS/WEEK : 4 PERIODS/SEMESTER : 52 CREDITS : 4 TIME SCHEDULE MODULE TOPICS PERIODS 1 Introduction to Computer Security
More informationCS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013
CS 356 Lecture 17 and 18 Intrusion Detection Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists
More informationREMOTE ASSISTANCE SOLUTIONS Private Server
REMOTE ASSISTANCE SOLUTIONS Private Server UBIQUITY components Control Center: client on the remote assistance PC Ubiquity Runtime: software installed on the remote device Ubiquity Server Infrastructure:
More informationCloud Database Storage Model by Using Key-as-a-Service (KaaS)
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 4 Issue 7 July 2015, Page No. 13284-13288 Cloud Database Storage Model by Using Key-as-a-Service (KaaS) J.Sivaiah
More informationVirtual Host based Intrusion Detection System for Cloud
Virtual Host based Intrusion Detection System for Cloud Manthira Moorthy S #1, Rajeswari M #2 # Department of Computer Science and Engineering, Hindustan University P.O.Box No.1, Rajiv Gandhi Salai (OMR),
More informationMonitoring for network security and management. Cyber Solutions Inc.
Monitoring for network security and management Cyber Solutions Inc. Why monitoring? Health check of networked node Usage and load evaluation for optimizing the configuration Illegal access detection for
More informationComputer Network Intrusion Detection, Assessment And Prevention Based on Security Dependency Relation
Computer Network Intrusion Detection, Assessment And Prevention Based on Security Dependency Relation Stephen S. Yau and Xinyu Zhang Computer Science and Engineering Department Arizona State University
More informationSmokey: A User-Based Distributed Firewall System
Smokey: A User-Based Distributed Firewall System Rachel Rubin Department of Computer Science University of California, Berkeley Berkeley, CA 94704 rrubin@cs.berkeley.edu Abstract Traditional intranets
More informationCloudPassage Halo Technical Overview
TECHNICAL BRIEF CloudPassage Halo Technical Overview The Halo cloud security platform was purpose-built to provide your organization with the critical protection, visibility and control needed to assure
More informationIBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation
IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing
More informationVulnerabilities of Intrusion Detection Systems in Mobile Ad-hoc Networks - The routing problem
Vulnerabilities of Intrusion Detection Systems in Mobile Ad-hoc Networks - The routing problem Ernesto Jiménez Caballero Helsinki University of Technology erjica@gmail.com Abstract intrusion detection
More informationhttp://www.cisjournal.org A Conceptual Architectural Framework of Cloud Computing for Higher Educational Institutions in the Sultanate of Oman 1
A Conceptual Architectural Framework of Cloud Computing for Higher Educational Institutions in the Sultanate of Oman 1 Zeyana Saif Alkindi, 2 John Haynes, 3 S. Arockiasamy 1 Demonstrator, Information Systems,
More informationImplementation of a Department Local Area Network Management System
Implementation of a Department Local Area Network Management System I-Ping Hsieh Lai-Ming Shiue Shang-Juh Kao Department of Computer Science Department of Applied Mathematics Department of Computer Science
More informationA Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services
A Study on Analysis and Implementation of a Cloud Computing Framework for Multimedia Convergence Services Ronnie D. Caytiles and Byungjoo Park * Department of Multimedia Engineering, Hannam University
More informationnext generation privilege identity management
next generation privilege identity management Nowadays enterprise IT teams are focused on adopting and supporting newer devices, applications and platforms to address business needs and keep up pace with
More informationSecurity Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1
JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us
More informationWireless Network Security
Wireless Network Security Bhavik Doshi Privacy and Security Winter 2008-09 Instructor: Prof. Warren R. Carithers Due on: February 5, 2009 Table of Contents Sr. No. Topic Page No. 1. Introduction 3 2. An
More informationNetwork & Agent Based Intrusion Detection Systems
Network & Agent Based Intrusion Detection Systems Hakan Albag TU Munich, Dep. of Computer Science Exchange Student Istanbul Tech. Uni., Dep. Of Comp. Engineering Abstract. The following document is focused
More informationA special case of outsource: on the security of cloud services requirements, tools for solving problems
A special case of outsource: on the security of cloud services requirements, tools for solving problems Dr. Katalin, CISA, CISM, CGEIT, CISSP Obuda University John von Neumann Faculty of Informatics szenes.katalin@nik.uni-obuda.hu
More informationDIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014
DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014 Revision History Update this table every time a new edition of the document is
More informationSecuring the Cloud with IBM Security Systems. IBM Security Systems. 2012 IBM Corporation. 2012 2012 IBM IBM Corporation Corporation
Securing the Cloud with IBM Security Systems 1 2012 2012 IBM IBM Corporation Corporation IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns
More informationEVOLVED DATA CENTER ARCHITECTURE
EVOLVED DATA CENTER ARCHITECTURE A SIMPLE, OPEN, AND SMART NETWORK FOR THE DATA CENTER DAVID NOGUER BAU HEAD OF SP SOLUTIONS MARKETING JUNIPER NETWORKS @dnoguer @JuniperNetworks 1 Copyright 2014 Juniper
More informationMeeting the Challenges of Virtualization Security
Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization
More informationWhich is Better: Virtualization or Cloud IaaS?
A White Paper Which is Better: Virtualization or Cloud IaaS? Which is Better: Virtualization or Cloud IaaS? Why should I consider Virtualization or Cloud IaaS at all? Simply put, they can save you money.
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationData Leakage: What You Need to Know
Data Leakage: What You Need to Know by Faith M. Heikkila, Pivot Group Information Security Consultant Data leakage is a silent type of threat. Your employee as an insider can intentionally or accidentally
More informationNetwork Security Using Hybrid Port Knocking
8 Network Security Using Hybrid Port Knocking Dr. Hussein Al-Bahadili and Dr. Ali H. Hadi, Arab Academy for Financial Sciences, faculty of Information Technology, Amman Jordan Arab Academy for Financial
More informationClouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst
Clouds on the Horizon Cloud Security in Today s DoD Environment Bill Musson Security Analyst Agenda O Overview of Cloud architectures O Essential characteristics O Cloud service models O Cloud deployment
More informationKEY STEPS FOLLOWING A DATA BREACH
KEY STEPS FOLLOWING A DATA BREACH Introduction This document provides key recommended steps to be taken following the discovery of a data breach. The document does not constitute an exhaustive guideline,
More informationAddressing Data Security Challenges in the Cloud
Addressing Data Security Challenges in the Cloud Coordinate Security. The Need for Cloud Computing Security A Trend Micro White Paper July 2010 I. INTRODUCTION Enterprises increasingly recognize cloud
More informationCloud Security is a First Principle:
Cloud Security is a First Principle: Elements of Private Cloud Security Table of Contents Why the Security Minded are Drawn to Private Cloud Deployments....2 Security is the Driver Behind Private Clouds...3
More informationFive Steps For Securing The Data Center: Why Traditional Security May Not Work
White Paper Five Steps For Securing The Data Center: Why Traditional Security May Not Work What You Will Learn Data center administrators face a significant challenge: They need to secure the data center
More informationyvette@yvetteagostini.it yvette@yvetteagostini.it
1 The following is merely a collection of notes taken during works, study and just-for-fun activities No copyright infringements intended: all sources are duly listed at the end of the document This work
More informationSECURITY METRICS: MEASUREMENTS TO SUPPORT THE CONTINUED DEVELOPMENT OF INFORMATION SECURITY TECHNOLOGY
SECURITY METRICS: MEASUREMENTS TO SUPPORT THE CONTINUED DEVELOPMENT OF INFORMATION SECURITY TECHNOLOGY Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationIncident Handling in the Cloud and Audit s Role
Incident Handling in the Cloud and Audit s Role David Cole, CPA, CISA ISACA National Capital Area Chapter Cloud Computing Conference March 17, 2015 1 Outline Cloud Service Models Cloud Types Summary of
More informationILLUMIO ADAPTIVE SECURITY PLATFORM TM
ILLUMIO ADAPTIVE SECURITY PLATFORM TM HIGHLIGHTS Security with Intelligence Illumio ASP is powered by the breakthrough PCE. The PCE contextualizes all traffic flows, services, and processes on application
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More information