Sony Attack Incident 2011
Compromised more than
Why Cloud Need Protection?
And Nested A
Current Cloud IDS Implementation
• Cloud IDS model based on Virtual Machine Monitor
– U. Tupakula, V. Varadharajan, and N. Akku
– Works only on signature based IDS
• Software as a Service IDS
– G. Nascimento and M. Correia
– Focus on SaaS Cloud Environment
– Didn’t use standard dataset for comparison
• Grid and Cloud Computing Intrusion Detection System
– K. Vieira, A. Schulter, C. Westphall, and C. Westphall
– IDS management is not centralize.
Cloud IDS Model
Dendritic Cell Mechanism
• Dendritic cells (DC) collects and present
antigens to the adaptive immune system
• Monitoring the PAMP, Safe and Danger
signal of the environment.
• Exist within three states
Figure 3: Cloud IDS Model Experiment Network
• Testing the Cloud IDS model with real
Cloud data and environment.
• Applying different machine learning
mechanism in analysing and improving
Cloud IDS result.
• Dendritic Cell is known for detecting and
killing any pathogens that infected human
tissue and cells.
• The successful of Dendritic Cell in
protecting human body will also bring a
success in protecting Cloud environment if
the same mechanism are being
implemented in the real world applications.
 D. Gollmann, "Computer security," Wiley Interdisciplinary Reviews: Computational Statistics, vol. 2, pp. 544-
 S. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing," Journal of Network
and Computer Applications, vol. 34, pp. 1-11, 2011.
 W. Yassin, N. Udzir, Z. Muda, A. Abdullah, and M. Abdullah, "A Cloud-based Intrusion Detection Service framework," in Cyber
Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on, 2012, pp. 213-218.
 Available online at http://www.thestar.com.my/news/nation/2015/04/26/faster-bigger-and-sharper-cyber-
 BBC, "Google and Apple among hundreds hit in high-profile Pakistan hack," 26th November, 2012 2012.
 U. Tupakula, V. Varadharajan, and N. Akku, "Intrusion detection
techniques for infrastructure as a service cloud," in Dependable, Autonomic
and Secure Computing (DASC), 2011 IEEE Ninth International Conference
on, 2011, pp. 744-751.
 G. Nascimento and M. Correia, "Anomaly-based intrusion
detection in software as a service," in Dependable Systems and Networks
Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on,
2011, pp. 19-24.
 K. Vieira, A. Schulter, C. Westphall, and C. Westphall, "Intrusion
detection for grid and cloud computing," IT Professional Magazine, vol. 12, p.