This document discusses a cloud intrusion detection model inspired by the dendritic cell mechanism. It begins with an introduction discussing the need for cloud protection and examples of past cloud attacks. It then discusses related work on cloud IDS models before describing the proposed dendritic cell mechanism, cloud IDS algorithm, and model. The model is tested using an experiment network and future work is proposed to test the model with real cloud data and environments.
4. Sony Attack Incident 2011
• Sony PlayStation Network
• Amazon EC2 Cloud
• Compromised more than 100 million customer accounts
5. Why Does the Cloud Need Protection?
• Distributed and nested, a lot of information[1]
• One target for all
• Publicly available
• Target of distributed attack
• No dedicated IDS for Cloud[2]
6. Current Cloud IDS Implementation
• Need a lot of self-maintenance[3]
• Different types of IDS installed in each Cloud
• Inter-VM attacks will be invisible
• Network congestion
7. Related Works
• Cloud IDS model based on Virtual Machine Monitor[6]
– U. Tupakula, V. Varadharajan, and N. Akku
– Works only on signature-based IDS
• Software as a Service IDS[7]
– G. Nascimento and M. Correia
– Focus on SaaS Cloud environment
– Didn’t use a standard dataset for comparison
• Grid and Cloud Computing Intrusion Detection System (GCCIDS)[8]
– K. Vieira, A. Schulter, C. Westphall, and C. Westphall
– IDS management is not centralized.
8. Cloud IDS Model
• Hybrid IDS Methodology
• Centralized IDS management
• Virtually Mirrored Network Monitoring
• Artificial Immune System Real Implementation
9. Dendritic Cell Mechanism
• Dendritic cells (DC) collect and present antigens to the adaptive immune system for processing.
• Monitor the PAMP, Safe and Danger signals of the environment.
• Exist within three states
– Immature
– Semi-mature
– Mature
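An added example (not from the slides and not the authors' model): a simplified dendritic-cell-style scorer showing how the PAMP, Safe and Danger signals and the three states can rank antigens by the fraction of mature presentations, which the dendritic cell algorithm literature calls MCAV. The signal weights, migration thresholds, 0.5 cutoff, VM names and sample stream are assumptions made for illustration.

```python
from collections import defaultdict

# Assumed signal weights (not from the slides): PAMP pushes hardest toward
# "mature", Safe pushes toward "semi-mature"; all three add co-stimulation.
W_PAMP, W_DANGER, W_SAFE = 2.0, 1.0, -2.0

class DendriticCell:
    def __init__(self, threshold):
        self.threshold = threshold  # co-stimulation needed to leave the immature state
        self.csm = 0.0              # accumulated co-stimulation
        self.k = 0.0                # context: > 0 matures, <= 0 semi-matures
        self.antigens = []          # antigens collected while immature

    def sample(self, antigen, pamp, danger, safe):
        self.antigens.append(antigen)
        self.csm += pamp + danger + safe
        self.k += W_PAMP * pamp + W_DANGER * danger + W_SAFE * safe
        return self.csm >= self.threshold  # True once the cell migrates

def mcav(events, thresholds=(2.0, 3.0, 4.0)):
    """Per antigen, the fraction of presentations made by mature cells."""
    cells = [DendriticCell(t) for t in thresholds]
    total, mature = defaultdict(int), defaultdict(int)
    for antigen, pamp, danger, safe in events:
        for i, cell in enumerate(cells):
            if cell.sample(antigen, pamp, danger, safe):
                for a in cell.antigens:        # present everything it collected
                    total[a] += 1
                    mature[a] += cell.k > 0    # mature context counts as anomalous
                cells[i] = DendriticCell(cell.threshold)  # fresh immature cell
    return {a: mature[a] / total[a] for a in total}

def flag(scores, cutoff=0.5):
    """Antigens whose MCAV exceeds the (assumed) anomaly cutoff."""
    return sorted(a for a, s in scores.items() if s > cutoff)

# Constructed sample stream: (antigen, PAMP, danger, safe); antigen = source VM.
QUIET = [("vm-a", 0.0, 0.0, 1.0), ("vm-a", 0.0, 0.25, 0.75)]
NOISY = [("vm-b", 0.5, 0.5, 0.0), ("vm-b", 0.75, 0.25, 0.0)]
EVENTS = QUIET * 2 + NOISY * 2 + [QUIET[0]] * 2 + NOISY

if __name__ == "__main__":
    scores = mcav(EVENTS)
    print(scores, flag(scores))
```

Because cells with different thresholds sample over different window lengths, a benign antigen that merely sits next to noisy traffic (vm-a here) picks up a small non-zero score instead of being flagged outright.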
13. Future Works
• Testing the Cloud IDS model with real Cloud data and environment.
• Applying different machine learning mechanisms in analysing and improving the Cloud IDS results.
14. Conclusion
• Dendritic cells are known for detecting and killing any pathogens that infect human tissue and cells.
• The success of dendritic cells in protecting the human body will also bring success in protecting the Cloud environment if the same mechanism is implemented in real-world applications.
16. References
[1] D. Gollmann, "Computer security," Wiley Interdisciplinary Reviews: Computational Statistics, vol. 2, pp. 544-554, 2010.
[2] S. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing," Journal of Network and Computer Applications, vol. 34, pp. 1-11, 2011.
[3] W. Yassin, N. Udzir, Z. Muda, A. Abdullah, and M. Abdullah, "A Cloud-based Intrusion Detection Service framework," in Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on, 2012, pp. 213-218.
[4] Available online at http://www.thestar.com.my/news/nation/2015/04/26/faster-bigger-and-sharper-cyber-criminals-are-stepping-up-their-game-to-trick-companies-and-digitall/
[5] BBC, "Google and Apple among hundreds hit in high-profile Pakistan hack," 26th November, 2012.
[6] U. Tupakula, V. Varadharajan, and N. Akku, "Intrusion detection techniques for infrastructure as a service cloud," in Dependable, Autonomic and Secure Computing (DASC), 2011 IEEE Ninth International Conference on, 2011, pp. 744-751.
[7] G. Nascimento and M. Correia, "Anomaly-based intrusion detection in software as a service," in Dependable Systems and Networks Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on, 2011, pp. 19-24.
[8] K. Vieira, A. Schulter, C. Westphall, and C. Westphall, "Intrusion detection for grid and cloud computing," IT Professional Magazine, vol. 12, p. 38, 2010.