SlideShare a Scribd company logo

Nice network intrusion detection and countermeasure selection in virtual network systems

Download as DOCX, PDF
JPINFOTECH JAYAPRAKASH
JPINFOTECH JAYAPRAKASH

Nice network intrusion detection and countermeasure selection in virtual network systems

EducationTechnology
1 of 9
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems ABSTRACT: Cloud security is one of most important issues that have attracted a lot of research and development effort in past few years. Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as multi-step exploitation, low frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely difficult. This is because cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multi-phase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph based analytical models and reconfigurable virtual network-based countermeasures. The proposed framework leverages Open Flow network programming APIs to build a monitor
and control plane over distributed programmable virtual switches in order to significantly improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the efficiency and effectiveness of the proposed solution. EXISTING SYSTEM: Cloud users can install vulnerable software on their VMs, which essentially contributes to loopholes in cloud security. The challenge is to establish an effective vulnerability/attack detection and response system for accurately identifying attacks and minimizing the impact of security breach to cloud users. In a cloud system where the infrastructure is shared by potentially millions of users, abuse and nefarious use of the shared infrastructure benefits attackers to exploit vulnerabilities of the cloud and use its resource to deploy attacks in more efficient ways. Such attacks are more effective in the cloud environment since cloud users usually share computing resources, e.g., being connected through the same switch, sharing with the same data storage and file systems, even with potential attackers. The similar setup for VMs in the cloud, e.g., virtualization techniques, VM OS,
installed vulnerable software, networking, etc., attracts attackers to compromise multiple VMs. DISADVANTAGES OF EXISTING SYSTEM: 1. No detection and prevention framework in a virtual networking environment. 2. Not accuracy in the attack detection from attackers. PROPOSED SYSTEM: In this article, we propose NICE (Network Intrusion detection and Countermeasure selection in virtual network systems) to establish a defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to compromise VMs, thus preventing zombie VMs. ADVANTAGES OF PROPOSED SYSTEM: The contributions of NICE are presented as follows:
 We devise NICE, a new multi-phase distributed network intrusion detection and prevention framework in a virtual networking environment that captures and inspects suspicious cloud traffic without interrupting users’ applications and cloud services.  NICE incorporates a software switching solution to quarantine and inspect suspicious VMs for further investigation and protection. Through programmable network approaches, NICE can improve the attack detection probability and improve the resiliency to VM exploitation attack without interrupting existing normal cloud services.  NICE employs a novel attack graph approach for attack detection and prevention by correlating attack behavior and also suggests effective countermeasures.  NICE optimizes the implementation on cloud servers to minimize resource consumption. Our study shows that NICE consumes less computational overhead compared to proxy-based network intrusion detection solutions.
SYSTEM ARCHITECTURE: ALGORITHM USED:  Alert Correlation Algorithm  Countermeasure Selection Algorithm
SYSTEM CONFIGURATION:- HARDWARE CONFIGURATION:-  Processor - Pentium –IV  Speed - 1.1 Ghz  RAM - 256 MB(min)  Hard Disk - 20 GB  Key Board - Standard Windows Keyboard  Mouse - Two or Three Button Mouse  Monitor - SVGA SOFTWARE CONFIGURATION:-  Operating System : Windows XP  Programming Language : JAVA  Java Version : JDK 1.6 & above.
REFERENCE: Chun-Jen Chung, Student Member, IEEE, Pankaj Khatkar, Student Member, IEEE, Tianyi Xing, Jeongkeun Lee, Member, IEEE, and Dijiang Huang Senior Member, IEEE-“ NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems”- IEEE TRANSACTIONS ON DEPEDABLE AND SECURE COMPUTING 2013

Recommended

Nice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureNice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureIEEEFINALYEARPROJECTS
 
Network Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICENetwork Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICEPranya Prabhakar
 
A wireless intrusion detection system and a new attack model (synopsis)
A wireless intrusion detection system and a new attack model (synopsis)A wireless intrusion detection system and a new attack model (synopsis)
A wireless intrusion detection system and a new attack model (synopsis)Mumbai Academisc
 
Network Intrusion Detection and Countermeasure Selection
Network Intrusion Detection and Countermeasure SelectionNetwork Intrusion Detection and Countermeasure Selection
Network Intrusion Detection and Countermeasure SelectionPramod M Mithyantha
 
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...Migrant Systems
 
Next Generation Firewalls
Next Generation FirewallsNext Generation Firewalls
Next Generation FirewallsThe eCore Group
 
Inherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV DeploymentsInherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV DeploymentsOPNFV
 
'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFVOPNFV
 

Recommended

Nice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureNice network intrusion detection and countermeasure
Nice network intrusion detection and countermeasureIEEEFINALYEARPROJECTS
 
Network Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICENetwork Intrusion detection and Countermeasure sElection(NICE
Network Intrusion detection and Countermeasure sElection(NICEPranya Prabhakar
 
A wireless intrusion detection system and a new attack model (synopsis)
A wireless intrusion detection system and a new attack model (synopsis)A wireless intrusion detection system and a new attack model (synopsis)
A wireless intrusion detection system and a new attack model (synopsis)Mumbai Academisc
 
Network Intrusion Detection and Countermeasure Selection
Network Intrusion Detection and Countermeasure SelectionNetwork Intrusion Detection and Countermeasure Selection
Network Intrusion Detection and Countermeasure SelectionPramod M Mithyantha
 
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...
NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Net...Migrant Systems
 
Next Generation Firewalls
Next Generation FirewallsNext Generation Firewalls
Next Generation FirewallsThe eCore Group
 
Inherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV DeploymentsInherent Security Design Patterns for SDN/NFV Deployments
Inherent Security Design Patterns for SDN/NFV DeploymentsOPNFV
 
'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFVOPNFV
 
Cisco amp for networks
Cisco amp for networksCisco amp for networks
Cisco amp for networksCisco Canada
 
Cisco NGFW AMP
Cisco NGFW AMPCisco NGFW AMP
Cisco NGFW AMPCisco Canada
 
Ece seminar 20070927
Ece seminar 20070927Ece seminar 20070927
Ece seminar 20070927Todd Deshane
 
Cisco amp everywhere
Cisco amp everywhereCisco amp everywhere
Cisco amp everywhereCisco Canada
 
Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Winston Morton
 
Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Pamela Dempster
 
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Security Session
 
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...IJIR JOURNALS IJIRUSA
 
Proactive Security That Works
Proactive Security That WorksProactive Security That Works
Proactive Security That WorksBrett L. Scott
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpointsCisco Canada
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...OK2OK
 
Infrastructure as (Secure) Code
Infrastructure as (Secure) CodeInfrastructure as (Secure) Code
Infrastructure as (Secure) CodeMark Nunnikhoven
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introductionJimmy Saigon
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版Ploynatcha Akkaraputtipat
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta swet4
 
Advanced Threat Protection – ultimátní bezpečnostní řešení
Advanced Threat Protection – ultimátní bezpečnostní řešeníAdvanced Threat Protection – ultimátní bezpečnostní řešení
Advanced Threat Protection – ultimátní bezpečnostní řešeníMarketingArrowECS_CZ
 
Encryption in the Cloud
Encryption in the CloudEncryption in the Cloud
Encryption in the CloudSVForum Cloud SIG
 
Wireless sensor network security issues
Wireless sensor network security issuesWireless sensor network security issues
Wireless sensor network security issuesMaha Saad
 
Infographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastInfographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastJuniper Networks
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 
Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsJPINFOTECH JAYAPRAKASH
 
Target tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networksTarget tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networksJPINFOTECH JAYAPRAKASH
 

More Related Content

What's hot

Cisco amp for networks
Cisco amp for networksCisco amp for networks
Cisco amp for networksCisco Canada
 
Ece seminar 20070927
Ece seminar 20070927Ece seminar 20070927
Ece seminar 20070927Todd Deshane
 
Cisco amp everywhere
Cisco amp everywhereCisco amp everywhere
Cisco amp everywhereCisco Canada
 
Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Winston Morton
 
Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Pamela Dempster
 
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Security Session
 
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...IJIR JOURNALS IJIRUSA
 
Proactive Security That Works
Proactive Security That WorksProactive Security That Works
Proactive Security That WorksBrett L. Scott
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpointsCisco Canada
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...OK2OK
 
Infrastructure as (Secure) Code
Infrastructure as (Secure) CodeInfrastructure as (Secure) Code
Infrastructure as (Secure) CodeMark Nunnikhoven
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introductionJimmy Saigon
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta swet4
 
Advanced Threat Protection – ultimátní bezpečnostní řešení
Advanced Threat Protection – ultimátní bezpečnostní řešeníAdvanced Threat Protection – ultimátní bezpečnostní řešení
Advanced Threat Protection – ultimátní bezpečnostní řešeníMarketingArrowECS_CZ
 
Wireless sensor network security issues
Wireless sensor network security issuesWireless sensor network security issues
Wireless sensor network security issuesMaha Saad
 
Infographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastInfographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastJuniper Networks
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 

What's hot (20)

Cisco amp for networks
Cisco amp for networksCisco amp for networks
Cisco amp for networks
 
Cisco NGFW AMP
Cisco NGFW AMPCisco NGFW AMP
Cisco NGFW AMP
 
Ece seminar 20070927
Ece seminar 20070927Ece seminar 20070927
Ece seminar 20070927
 
Cisco amp everywhere
Cisco amp everywhereCisco amp everywhere
Cisco amp everywhere
 
Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015Network Function Virtualization - Security Best Practices AtlSecCon 2015
Network Function Virtualization - Security Best Practices AtlSecCon 2015
 
Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050Poster_PamelaDempster_40096050
Poster_PamelaDempster_40096050
 
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
Insights of a brute-forcing botnet / VERONICA VALEROS [CISCO]
 
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...
Ijirsm bhargavi-ka-robust-distributed-security-using-stateful-csg-based-distr...
 
Proactive Security That Works
Proactive Security That WorksProactive Security That Works
Proactive Security That Works
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpoints
 
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
Optimize your AWS FEST - N2WS session - Addressing the Relentless Threat of R...
 
Infrastructure as (Secure) Code
Infrastructure as (Secure) CodeInfrastructure as (Secure) Code
Infrastructure as (Secure) Code
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introduction
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版
 
Presentation1 shweta
Presentation1 shweta Presentation1 shweta
Presentation1 shweta
 
Advanced Threat Protection – ultimátní bezpečnostní řešení
Advanced Threat Protection – ultimátní bezpečnostní řešeníAdvanced Threat Protection – ultimátní bezpečnostní řešení
Advanced Threat Protection – ultimátní bezpečnostní řešení
 
Encryption in the Cloud
Encryption in the CloudEncryption in the Cloud
Encryption in the Cloud
 
Wireless sensor network security issues
Wireless sensor network security issuesWireless sensor network security issues
Wireless sensor network security issues
 
Infographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastInfographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning Fast
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
 

Viewers also liked

Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsJPINFOTECH JAYAPRAKASH
 
Target tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networksTarget tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networksJPINFOTECH JAYAPRAKASH
 
Mona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloudMona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloudJPINFOTECH JAYAPRAKASH
 
Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storageJPINFOTECH JAYAPRAKASH
 
Annotating search results from web databases
Annotating search results from web databasesAnnotating search results from web databases
Annotating search results from web databasesJPINFOTECH JAYAPRAKASH
 
How long to wait predicting bus arrival time with mobile phone based particip...
How long to wait predicting bus arrival time with mobile phone based particip...How long to wait predicting bus arrival time with mobile phone based particip...
How long to wait predicting bus arrival time with mobile phone based particip...JPINFOTECH JAYAPRAKASH
 
Effective risk communication for android apps
Effective risk communication for android appsEffective risk communication for android apps
Effective risk communication for android appsJPINFOTECH JAYAPRAKASH
 
Anomaly detection via online over sampling principal component analysis
Anomaly detection via online over sampling principal component analysisAnomaly detection via online over sampling principal component analysis
Anomaly detection via online over sampling principal component analysisJPINFOTECH JAYAPRAKASH
 
Reversible data hiding with optimal value transfer
Reversible data hiding with optimal value transferReversible data hiding with optimal value transfer
Reversible data hiding with optimal value transferJPINFOTECH JAYAPRAKASH
 
Bahg back bone-assisted hop greedy routing for vanet’s city environments
Bahg back bone-assisted hop greedy routing for vanet’s city environmentsBahg back bone-assisted hop greedy routing for vanet’s city environments
Bahg back bone-assisted hop greedy routing for vanet’s city environmentsJPINFOTECH JAYAPRAKASH
 
A new algorithm for inferring user search goals with feedback sessions
A new algorithm for inferring user search goals with feedback sessionsA new algorithm for inferring user search goals with feedback sessions
A new algorithm for inferring user search goals with feedback sessionsJPINFOTECH JAYAPRAKASH
 
Target tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networksTarget tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networksJPINFOTECH JAYAPRAKASH
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devicesJPINFOTECH JAYAPRAKASH
 
Emap expedite message authentication protocol for vehicular ad hoc networks
Emap expedite message authentication protocol for vehicular ad hoc networksEmap expedite message authentication protocol for vehicular ad hoc networks
Emap expedite message authentication protocol for vehicular ad hoc networksJPINFOTECH JAYAPRAKASH
 
Eaack—a secure intrusion detection system for manets ns2
Eaack—a secure intrusion detection system for manets ns2Eaack—a secure intrusion detection system for manets ns2
Eaack—a secure intrusion detection system for manets ns2JPINFOTECH JAYAPRAKASH
 

Viewers also liked (17)

Privacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public cloudsPrivacy preserving delegated access control in public clouds
Privacy preserving delegated access control in public clouds
 
Target tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networksTarget tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networks
 
Mona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloudMona secure multi owner data sharing for dynamic groups in the cloud
Mona secure multi owner data sharing for dynamic groups in the cloud
 
2015 2016 ieee dot net project titles
2015 2016 ieee dot net project titles2015 2016 ieee dot net project titles
2015 2016 ieee dot net project titles
 
Privacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storagePrivacy preserving public auditing for secure cloud storage
Privacy preserving public auditing for secure cloud storage
 
Annotating search results from web databases
Annotating search results from web databasesAnnotating search results from web databases
Annotating search results from web databases
 
How long to wait predicting bus arrival time with mobile phone based particip...
How long to wait predicting bus arrival time with mobile phone based particip...How long to wait predicting bus arrival time with mobile phone based particip...
How long to wait predicting bus arrival time with mobile phone based particip...
 
Effective risk communication for android apps
Effective risk communication for android appsEffective risk communication for android apps
Effective risk communication for android apps
 
Anomaly detection via online over sampling principal component analysis
Anomaly detection via online over sampling principal component analysisAnomaly detection via online over sampling principal component analysis
Anomaly detection via online over sampling principal component analysis
 
Reversible data hiding with optimal value transfer
Reversible data hiding with optimal value transferReversible data hiding with optimal value transfer
Reversible data hiding with optimal value transfer
 
2015 2016 ieee vlsi project titles
2015 2016 ieee vlsi project titles2015 2016 ieee vlsi project titles
2015 2016 ieee vlsi project titles
 
Bahg back bone-assisted hop greedy routing for vanet’s city environments
Bahg back bone-assisted hop greedy routing for vanet’s city environmentsBahg back bone-assisted hop greedy routing for vanet’s city environments
Bahg back bone-assisted hop greedy routing for vanet’s city environments
 
A new algorithm for inferring user search goals with feedback sessions
A new algorithm for inferring user search goals with feedback sessionsA new algorithm for inferring user search goals with feedback sessions
A new algorithm for inferring user search goals with feedback sessions
 
Target tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networksTarget tracking and mobile sensor navigation in wireless sensor networks
Target tracking and mobile sensor navigation in wireless sensor networks
 
Context based access control systems for mobile devices
Context based access control systems for mobile devicesContext based access control systems for mobile devices
Context based access control systems for mobile devices
 
Emap expedite message authentication protocol for vehicular ad hoc networks
Emap expedite message authentication protocol for vehicular ad hoc networksEmap expedite message authentication protocol for vehicular ad hoc networks
Emap expedite message authentication protocol for vehicular ad hoc networks
 
Eaack—a secure intrusion detection system for manets ns2
Eaack—a secure intrusion detection system for manets ns2Eaack—a secure intrusion detection system for manets ns2
Eaack—a secure intrusion detection system for manets ns2
 

Similar to Nice network intrusion detection and countermeasure selection in virtual network systems

JAVA 2013 IEEE NETWORKSECURITY PROJECT NICE: Network Intrusion Detection and ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT NICE: Network Intrusion Detection and ...JAVA 2013 IEEE NETWORKSECURITY PROJECT NICE: Network Intrusion Detection and ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT NICE: Network Intrusion Detection and ...IEEEGLOBALSOFTTECHNOLOGIES
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Editor IJCATR
 
Secure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionSecure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionUvaraj Shan
 
Secure intrusion detection and attack measure selection in virtual network sy...
Secure intrusion detection and attack measure selection in virtual network sy...Secure intrusion detection and attack measure selection in virtual network sy...
Secure intrusion detection and attack measure selection in virtual network sy...Uvaraj Shan
 
IRJET- Developing an Algorithm to Detect Malware in Cloud
IRJET- Developing an Algorithm to Detect Malware in CloudIRJET- Developing an Algorithm to Detect Malware in Cloud
IRJET- Developing an Algorithm to Detect Malware in CloudIRJET Journal
 
Malware detection in cloud computing infrastructures
Malware detection in cloud computing infrastructuresMalware detection in cloud computing infrastructures
Malware detection in cloud computing infrastructuresieeepondy
 
VAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudVAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudSwapna Shetye
 
Prevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptxPrevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptxNoorFathima60
 
Fine grained two-factor access control for cloud
Fine grained two-factor access control for cloud Fine grained two-factor access control for cloud
Fine grained two-factor access control for cloud allan sam
 
original research papers
original research papersoriginal research papers
original research papersrikaseorika
 
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...IJIR JOURNALS IJIRUSA
 
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A system-for-denial-of-service-...
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A system-for-denial-of-service-...2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A system-for-denial-of-service-...
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A system-for-denial-of-service-...IEEEGLOBALSOFTSTUDENTSPROJECTS
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...IEEEMEMTECHSTUDENTPROJECTS
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...Shakas Technologies
 
Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...eSAT Publishing House
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...JPINFOTECH JAYAPRAKASH
 
SVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentSVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentIJTET Journal
 

Similar to Nice network intrusion detection and countermeasure selection in virtual network systems (20)

JAVA 2013 IEEE NETWORKSECURITY PROJECT NICE: Network Intrusion Detection and ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT NICE: Network Intrusion Detection and ...JAVA 2013 IEEE NETWORKSECURITY PROJECT NICE: Network Intrusion Detection and ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT NICE: Network Intrusion Detection and ...
 
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
Evasion Streamline Intruders Using Graph Based Attacker model Analysis and Co...
 
Secure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selectionSecure intrusion detection and attack measure selection
Secure intrusion detection and attack measure selection
 
Secure intrusion detection and attack measure selection in virtual network sy...
Secure intrusion detection and attack measure selection in virtual network sy...Secure intrusion detection and attack measure selection in virtual network sy...
Secure intrusion detection and attack measure selection in virtual network sy...
 
IRJET- Developing an Algorithm to Detect Malware in Cloud
IRJET- Developing an Algorithm to Detect Malware in CloudIRJET- Developing an Algorithm to Detect Malware in Cloud
IRJET- Developing an Algorithm to Detect Malware in Cloud
 
Malware detection in cloud computing infrastructures
Malware detection in cloud computing infrastructuresMalware detection in cloud computing infrastructures
Malware detection in cloud computing infrastructures
 
VAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus CloudVAPT- A Service on Eucalyptus Cloud
VAPT- A Service on Eucalyptus Cloud
 
Prevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptxPrevention of Vulnerable Virtual Machines against DDOS.pptx
Prevention of Vulnerable Virtual Machines against DDOS.pptx
 
C43021014
C43021014C43021014
C43021014
 
Fine grained two-factor access control for cloud
Fine grained two-factor access control for cloud Fine grained two-factor access control for cloud
Fine grained two-factor access control for cloud
 
M43057580
M43057580M43057580
M43057580
 
original research papers
original research papersoriginal research papers
original research papers
 
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
Ijirsm ashok-kumar-h-problems-and-solutions-infrastructure-as-service-securit...
 
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A system-for-denial-of-service-...
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A system-for-denial-of-service-...2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A system-for-denial-of-service-...
2014 IEEE DOTNET PARALLEL DISTRIBUTED PROJECT A system-for-denial-of-service-...
 
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
IEEE 2014 DOTNET PARALLEL DISTRIBUTED PROJECTS A system-for-denial-of-service...
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...
 
Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...Secure intrusion detection and countermeasure selection in virtual system usi...
Secure intrusion detection and countermeasure selection in virtual system usi...
 
A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...A system for denial of-service attack detection based on multivariate correla...
A system for denial of-service attack detection based on multivariate correla...
 
SVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual EnvironmentSVAC Firewall Restriction with Security in Cloud over Virtual Environment
SVAC Firewall Restriction with Security in Cloud over Virtual Environment
 
www.ijerd.com
www.ijerd.comwww.ijerd.com
www.ijerd.com
 

Recently uploaded

Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxEyham Joco
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...M56BOOKSTORE PRODUCT/SERVICE
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersSabitha Banu
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementmkooblal
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 

Recently uploaded (20)

Types of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptxTypes of Journalistic Writing Grade 8.pptx
Types of Journalistic Writing Grade 8.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
KSHARA STURA .pptx---KSHARA KARMA THERAPY (CAUSTIC THERAPY)————IMP.OF KSHARA ...
 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
DATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginnersDATA STRUCTURE AND ALGORITHM for beginners
DATA STRUCTURE AND ALGORITHM for beginners
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Hierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of managementHierarchy of management that covers different levels of management
Hierarchy of management that covers different levels of management
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 

Nice network intrusion detection and countermeasure selection in virtual network systems

  • 1. NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems ABSTRACT: Cloud security is one of most important issues that have attracted a lot of research and development effort in past few years. Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as multi-step exploitation, low frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely difficult. This is because cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multi-phase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph based analytical models and reconfigurable virtual network-based countermeasures. The proposed framework leverages Open Flow network programming APIs to build a monitor
  • 2. and control plane over distributed programmable virtual switches in order to significantly improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the efficiency and effectiveness of the proposed solution. EXISTING SYSTEM: Cloud users can install vulnerable software on their VMs, which essentially contributes to loopholes in cloud security. The challenge is to establish an effective vulnerability/attack detection and response system for accurately identifying attacks and minimizing the impact of security breach to cloud users. In a cloud system where the infrastructure is shared by potentially millions of users, abuse and nefarious use of the shared infrastructure benefits attackers to exploit vulnerabilities of the cloud and use its resource to deploy attacks in more efficient ways. Such attacks are more effective in the cloud environment since cloud users usually share computing resources, e.g., being connected through the same switch, sharing with the same data storage and file systems, even with potential attackers. The similar setup for VMs in the cloud, e.g., virtualization techniques, VM OS,
  • 3. installed vulnerable software, networking, etc., attracts attackers to compromise multiple VMs. DISADVANTAGES OF EXISTING SYSTEM: 1. No detection and prevention framework in a virtual networking environment. 2. Not accuracy in the attack detection from attackers. PROPOSED SYSTEM: In this article, we propose NICE (Network Intrusion detection and Countermeasure selection in virtual network systems) to establish a defense-in-depth intrusion detection framework. For better attack detection, NICE incorporates attack graph analytical procedures into the intrusion detection processes. We must note that the design of NICE does not intend to improve any of the existing intrusion detection algorithms; indeed, NICE employs a reconfigurable virtual networking approach to detect and counter the attempts to compromise VMs, thus preventing zombie VMs. ADVANTAGES OF PROPOSED SYSTEM: The contributions of NICE are presented as follows:
  • 4.  We devise NICE, a new multi-phase distributed network intrusion detection and prevention framework in a virtual networking environment that captures and inspects suspicious cloud traffic without interrupting users’ applications and cloud services.  NICE incorporates a software switching solution to quarantine and inspect suspicious VMs for further investigation and protection. Through programmable network approaches, NICE can improve the attack detection probability and improve the resiliency to VM exploitation attack without interrupting existing normal cloud services.  NICE employs a novel attack graph approach for attack detection and prevention by correlating attack behavior and also suggests effective countermeasures.  NICE optimizes the implementation on cloud servers to minimize resource consumption. Our study shows that NICE consumes less computational overhead compared to proxy-based network intrusion detection solutions.
  • 5. SYSTEM ARCHITECTURE: ALGORITHM USED:  Alert Correlation Algorithm  Countermeasure Selection Algorithm
  • 6.
  • 7.
  • 8. SYSTEM CONFIGURATION:- HARDWARE CONFIGURATION:-  Processor - Pentium –IV  Speed - 1.1 Ghz  RAM - 256 MB(min)  Hard Disk - 20 GB  Key Board - Standard Windows Keyboard  Mouse - Two or Three Button Mouse  Monitor - SVGA SOFTWARE CONFIGURATION:-  Operating System : Windows XP  Programming Language : JAVA  Java Version : JDK 1.6 & above.
  • 9. REFERENCE: Chun-Jen Chung, Student Member, IEEE, Pankaj Khatkar, Student Member, IEEE, Tianyi Xing, Jeongkeun Lee, Member, IEEE, and Dijiang Huang Senior Member, IEEE-“ NICE: Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems”- IEEE TRANSACTIONS ON DEPEDABLE AND SECURE COMPUTING 2013