
Cloud intrusion detection System

Cloud introduction and IDS in cloud network

Published in: Engineering

  1. 1. IN THE NAME OF ALLAH Most Gracious, Most Merciful
  2. 2. Cloud Network Intrusion Detection. By: Mohammad Sadegh Salehi. Fall 2015.
  3. 3. Agenda: 01 What is CLOUD Computing? 02 History of CLOUD Computing. 03 CLOUD Types And Models. 04 CLOUD Advantage and Disadvantage. 05 CLOUD Intrusion Detection - article.
  4. 4. What is Cloud Computing? CLOUD COMPUTING evolved from the term “the cloud”; it is the overarching ability for users to access data, applications, and services remotely over the internet. THE CLOUD is a metaphor for the internet that was born from diagrams depicting the internet as a cloud. CLOUD SERVICES, or cloud computing, can be categorized into three different levels.
  5. 5. Cloud Components. It has three components: 1.) Client computers 2.) Distributed Servers 3.) Datacenters
  6. 6. Cloud Components (details):
      • Clients: Clients are the devices through which the end user interacts with the cloud. Four types of clients: 1.) Mobile and Tablet, 2.) Thick, 3.) Thin (Most Popular), 4.) Zero (UltraThin).
      • Datacenters: A collection of servers where the application is placed and accessed via the internet.
      • Distributed servers: Often the servers are in geographically different places, but they act as if they are working next to each other.
  7. 7. Cloud History. Cloud Computing: Past, Present and Future
      • 1960s: Ideas about computation as a public utility emerged in public discourse and literature.
      • 1997: The term “cloud computing” was first used by information systems Prof. Ramnath Chellappa.
      • 2001: Autonomic Computing evolved as systems to aid self-management.
      • 2006: Amazon offered “Amazon Web Service” cloud computing to customers.
      • 2007: Research on Cloud Computing was undertaken by companies like Google and IBM.
      • Early 2008: An open source, AWS API-compatible platform called Eucalyptus offered private clouds.
      • Packaging of computing resources became a metered service called Utility Computing.
      • Mid 2008: Organizations began switching from company-owned hardware to cloud services.
  8. 8. Cloud History. Cloud Computing: Past, Present and Future
      • 2009: The National Science Foundation awarded approx. $5 million in grants for researching cloud computing.
      • 2010: Microsoft Azure became commercially available.
      • 2013: $78bn worldwide public cloud service market.
      • 2015: $114.3bn worldwide public cloud service market.
      • The Future of Cloud Computing: Studies predict more than 50% of all information technology will be in the cloud within the next 5 to 10 years.
      • In the next 5 years, hybrid clouds are expected to represent 43% of the market, higher than both public and private.
  9. 9. Cloud History. What do we store in the Cloud today? By 2016 the Asia-Pacific market is expected to account for 1.5 Zb of global cloud computing usage. According to a survey by Endurance International Group, the following types of data are most commonly stored in the cloud:
      • Notes & Research: 43 %
      • Music: 43 %
      • Address Book: 44 %
      • Calendars: 48 %
      • Business Docs: 66 %
      • Emails: 70 %
      • Photo: 75 %
  10. 10. Cloud Types. Public, Private or Hybrid?
      • In the “cloud”, infrastructure, platforms, software or processes are provided by external IT services.
      • There are some key points to consider when deciding which cloud is to be used: to what extent the applications that are to move to the cloud are essential for the business; data protection requirements; application workloads; application integration with other business functions.
  11. 11. Cloud Types. Public CLOUD:
      • Applications, storage and other resources are available through the service provider.
      • The public cloud is usually maintained and managed by a service provider unrelated to the end customer.
      • Services, applications and storage are available to users via the internet, “as a service”, usually with a pay-per-use system.
      • Diagram labels: Data (text messages, mails, documents …); Metadata (origin, destination, text length, time, call duration); Service Provider.
  12. 12. Cloud Types. Public CLOUD (cont):
      • Reduces complexity and deadlines because of its fixed structure.
      • Provides fewer options for security and output customization.
      • The economy of scale that public cloud computing technology allows makes it particularly attractive.
      • STABLE FOR: Companies that need to be in the market quickly. Businesses subject to less regulatory restriction. Companies looking to outsource part or all of their IT requirements.
  13. 13. Cloud Types. Private CLOUD:
      • Companies install their own servers and storage hardware.
      • You can move workloads between servers when demand peaks occur or to introduce new applications.
      • Unshared resources.
      • Increased storage capacity: advanced security solutions, high availability and fault tolerance that have no place in the public cloud.
      • Requires a high level of commitment by both the corporation and IT departments.
      • Diagram labels: Company Servers; External Provider.
  14. 14. Cloud Types. Private CLOUD (cont): STABLE FOR: Companies that must comply with strict regulation. Crucial applications for the company.
  15. 15. Cloud Types. Hybrid CLOUD:
      • Cost advantages and scale of public clouds, combined with the superior control of private clouds.
      • Usually, companies run an application mainly in the private cloud, while the public cloud is used to cover peaks in demand.
      • Moderate initial investment.
      • Platform scalability.
      • Diagram labels: PUBLIC; PRIVATE; Images, Video, documents, …; Account Management, Payment Services, …
  16. 16. Cloud Models. Service Models are the reference models on which Cloud Computing is based. These can be categorized into three basic service models as listed below:
      • Infrastructure as a Service (IaaS)
      • Platform as a Service (PaaS)
      • Software as a Service (SaaS)
  17. 17. Cloud Models. Infrastructure as a Service (IaaS)
      • Usually billed based on usage
      • Usually multi tenant virtualized environment
      • Can be coupled with Managed Services for OS and application support
      • IaaS is a model where service providers offer pools of abstract IT infrastructure resources: servers, storage, and network components, …; pay-per-usage model
      • The service provider owns the equipment and is responsible for housing, cooling, operation and maintenance
  18. 18. Cloud Models. Infrastructure as a Service (IaaS) - (cont). IaaS Examples:
  19. 19. Cloud Models. Platform as a Service (PaaS) - (cont)
      • PaaS provides the runtime environment for applications, development & deployment tools, etc.
      • PaaS provides all of the facilities required to support the complete life cycle of building and delivering web applications and services entirely from the Internet.
      • Typically applications must be developed with a particular platform in mind
      • Multi tenant environments
      • Highly scalable multi tier architecture
  20. 20. Cloud Models. Platform as a Service (PaaS) - (cont). PaaS Examples:
  21. 21. Cloud Models. Software as a Service (SaaS). The SaaS model allows software applications to be used as a service by end users. SaaS is a software delivery methodology that provides licensed multi-tenant access to software and its functions remotely as a Web-based service.
      • Usually billed based on usage
      • Usually multi tenant environment
      • Highly scalable architecture
      • The Future of Application in the cloud
  22. 22. Cloud Models. Service as a Service (SaaS). SaaS Examples:
  23. 23. Cloud Models. [Diagram: the stack Application, Data, Runtime, Middleware, O/S, Virtualization, Servers, Storage, Networking, shown three times; labels: PaaS, IaaS, Host, Build, Consume, Manage by Service Provider, Manage by Client]
  24. 24. Cloud Models. Pros and Cons
      • PaaS: Rapid development at low cost. Private or Public deployment. Limits developers to provider languages and tools.
      • SaaS: Free or paid via subscription. Accessible from any computer. Facilitates collaborative working. Generic applications not always suitable for business use…
  25. 25. Adv and DisAdv. Advantage of CLOUD / Disadvantage of CLOUD. Items shown: Almost limitless storage (500,000 x more capacity); Sporadic Batch Computing; Disaster Recovery; Performance; Transparency; Service Industry ratio for staff-to-customers is 3:500.
  26. 26. Article Introduce. An Efficient Cloud Network Intrusion Detection System. © Springer India 2015. J.K. Mandal et al. (eds.), Information Systems Design and Intelligent Applications, Advances in Intelligent Systems and Computing 339, DOI 10.1007/978-81-322-2250-7_10. P. Ghosh, A.K. Mandal, R. Kumar, Information Technology, Netaji Subhash Engineering College, Kolkata, India. P. Ghosh e-mail: partha1812@gmail.com; A.K. Mandal e-mail: abhaynsecit@gmail.com; R. Kumar e-mail: kumar.rupesh708@gmail.com
  27. 27. Cloud Intrusion. What is the problem?
      • With the enormous use of the Cloud, the probability of intrusions occurring also increases.
      • An Intrusion Detection System (IDS) is a stronger strategy to provide security.
      • In the paper, they have proposed an efficient, fast and secure IDS with the collaboration of a Multi-threaded Network Intrusion Detection System (NIDS) and a Host Intrusion Detection System (HIDS).
  28. 28. Cloud Intrusion.
      • Analysis of packets is done using a K-Nearest Neighbor and Neural Network (KNN-NN) hybrid classifier.
      • After getting the report from the Cloud-IDS, the Cloud Service Provider (CSP) will generate an alert for the user as well as maintain a loglist for storing the malicious IP addresses.
      • In the Intrusion Detection System, the Cloud-IDS captures packets from the network, analyzes them, and sends reports to the Cloud Administrator on the basis of the analysis.
  29. 29. Cloud Intrusion. Fig. 1: Intrusion detection system in cloud environment
  30. 30. Proposed Model - cont:
      • The Multi-threaded NIDS model for the Cloud environment is based on three modules: the Capture and Query module, the Analysis module, and the Reporting module.
      • In the proposed model, a network maintenance or monitoring device called the NIDS is used at the bottleneck position of the network.
      • In this model, for intrusion detection, they have used a multi-threaded NIDS to monitor the requests sent by the user, to overcome the large network traffic and for easy processing.
  31. 31. Proposed Model - cont: Fig. 2: Flowchart of multithreaded cloud IDS
  32. 32. Proposed Model - cont: Fig. 3: Flowchart of IDS using KNN-NN classifier
  33. 33. References:
      • Mittal, R., Soni, K.: Analysis of cloud computing architectures. Int. J. Adv. Res. Comput. Commun. Eng. 2, 2087–2091 (2013)
      • Partha, G., Abhay, K. and Rupesh Kumar: An Efficient Cloud Network Intrusion Detection System. Springer, India, 2015.
      • http:Wikipeda.com, last visited 11/8/2015.
      • http://virtualization.itpro.ir, last visited 11/7/2015.
  34. 34. Thank You! Mohammad Sadegh Salehi S.Salehi@shbu.ac.ir
  35. 35. Mohammad Sadegh Salehi S.Salehi@shbu.ac.ir. Imam Ali (peace be upon him): Surely, the completion of one’s faith lies in seeking knowledge and putting it into practice, and know that seeking knowledge is more necessary for you than amassing wealth. (Al-Kafi, vol. 1, p. 30)
  36. 36. Ignite. Do you Use the Cloud?
  37. 37. Conclusion. Fig. 5: Detection accuracy
  38. 38. Proposed Model - cont: Fig. 4: Intrusion based task of administrator
  39. 39. Proposed Model:
      • In the proposed model, there is a network maintenance or monitoring device called the NIDS.
      • The NIDS is used at the bottleneck position of the network.
      • In this model, for intrusion detection, they have used a multi-threaded NIDS to monitor the requests sent by the user, to overcome the large network traffic and for easy processing.
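
The three-module, multi-threaded design described in the Proposed Model and Cloud Intrusion slides, as an added sketch that is not code from the slides or from the paper. The feature set (SYN ratio, distinct ports, packets per second), the training points, the sample traffic and all function names are assumptions made for illustration; only the K-Nearest Neighbor stage of the KNN-NN classifier is shown, because the slides give no detail on the neural network stage.

```python
import math
import queue
import threading
from collections import Counter

# Constructed training set (assumed features): (syn_ratio, distinct_ports, pkts_per_sec).
TRAINING = [
    ((0.05, 2, 10), "normal"), ((0.10, 3, 25), "normal"),
    ((0.08, 1, 15), "normal"), ((0.12, 4, 30), "normal"),
    ((0.95, 120, 900), "intrusion"), ((0.90, 80, 700), "intrusion"),
    ((0.85, 200, 1200), "intrusion"), ((0.99, 150, 1000), "intrusion"),
]
SCALE = (1.0, 200.0, 1200.0)  # per-feature scale so no feature dominates

def knn_classify(features, k=3):
    """Majority label among the k nearest training points (scaled Euclidean)."""
    def dist(a, b):
        return math.sqrt(sum(((x - y) / s) ** 2 for x, y, s in zip(a, b, SCALE)))
    nearest = sorted(TRAINING, key=lambda t: dist(features, t[0]))[:k]
    return Counter(label for _, label in nearest).most_common(1)[0][0]

def run_ids(packets, workers=4):
    """Capture -> multi-threaded analysis -> reporting; returns (alerts, loglist)."""
    captured = queue.Queue()
    alerts, loglist = [], set()
    lock = threading.Lock()

    def analyse():  # analysis module, one instance per worker thread
        while True:
            pkt = captured.get()
            if pkt is None:  # sentinel: capture has finished
                break
            if knn_classify(pkt["features"]) == "intrusion":
                with lock:  # reporting state is shared between threads
                    alerts.append(f"ALERT: intrusion traffic from {pkt['src']}")
                    loglist.add(pkt["src"])

    threads = [threading.Thread(target=analyse) for _ in range(workers)]
    for t in threads:
        t.start()
    for pkt in packets:  # capture module: queue each observed record
        captured.put(pkt)
    for _ in threads:  # one sentinel per worker
        captured.put(None)
    for t in threads:
        t.join()
    return sorted(alerts), loglist

# Constructed sample traffic using documentation-range addresses.
SAMPLE = [
    {"src": "192.0.2.10", "features": (0.07, 2, 12)},
    {"src": "198.51.100.7", "features": (0.93, 140, 950)},
    {"src": "203.0.113.5", "features": (0.88, 90, 800)},
    {"src": "198.51.100.7", "features": (0.97, 160, 1100)},
]

if __name__ == "__main__":
    alerts, loglist = run_ids(SAMPLE)
    print(alerts, sorted(loglist))
```

The loglist is a set, so a source that triggers several alerts is stored once, while every alert is still reported.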
