Besides many advantages which cloud computing creates, there are different concerns such as security. In this paper, the conceptual model based on Biological Immune System (BIS) will be proposed in order to create security in cloud computing. BIS has several features such as distributed computing, self-organizing, self-learning that are considered in distributed environments like clouds. In the proposed model, five groups of autonomous agents are used. The structure of agents is based on Biological Agents (BA) that have memory and could use previous experiments. Agents have the ability to learn and interact with each other. Each agent has different functions. Their designs are based on B and T lymphocyte. This model is designed at two levels. In the first level, roles, relationship and activities of each agent are described and their components such as modules, programs and functions are shown in the second level. By using these intelligent autonomous agents, attacks can be identified and intrusion can be prevented. The proposed model is based on collaboration of the agents and doesn't need centralized management.
An effective approach for tackling network security problems is Intrusion detection systems (IDS). These kinds of systems play a key role in network security as they can detect different types of attacks in networks, including DoS, U2R, Probe and R2L. In addition, IDS are an increasingly key part of the system's defense. Various approaches to IDS are now being used, but are unfortunately relatively ineffective. Data mining techniques and artificial intelligence play an important role in security services. We will present a comparative study of three well-known intelligent algorithms in this paper. These are Radial Basis Functions (RBF), Multilayer Perceptrons (MLP) and Support Vector Machine (SVM). This work's main interest is to benchmark the performance of these 3 intelligent algorithms. This is done by using a dataset of about 9,000 connections, randomly chosen from KDD'99's 10% dataset. In addition, we investigate these algorithms' performance in terms of their attack classification accuracy. The simulation results are also analyzed and the discussion is then presented. It has been observed that SVM with a linear kernel (Linear-SVM) gives a better performance than MLP and RBF in terms of its detection accuracy and processing speed.
A BAYESIAN CLASSIFICATION ON ASSET VULNERABILITY FOR REAL TIME REDUCTION OF F...
IJNSA Journal
IT assets connected on internet will encounter alien protocols and few parameters of protocol process are exposed as vulnerabilities. Intrusion Detection Systems (IDS) are installed to alert on suspicious traffic or activity. IDS issues false positives alerts, if any behavior construe for partial attack pattern or the IDS lacks environment knowledge. Continuous monitoring of alerts to evolve whether, an alert is false positive or not is a major concern. In this paper we present design of an external module to IDS, to identify false positive alerts based on anomaly based adaptive learning model. The novel feature of this design is that the system updates behavior profile of assets and environment with adaptive learning process. A mixture model is used for behavior modeling from reference data. The design of the detection and learning process are based on normal behavior and of environment. The anomaly alert identification algorithm is built on Sparse Markov Transducers (SMT) based probability. The total process is presented using real-time data. The Experimental results are validated and presented with reference to lab environment.
Adversarial Attacks and Defenses in Malware Classification: A Survey
CSCJournals
As malware continues to grow more sophisticated and more plentiful - traditional signature and heuristics-based defenses no longer cut it. Instead, the industry has recently turned to using machine learning for malicious file detection. The challenge with this approach is that machine learning itself comes with vulnerabilities - and if left unattended presents a new attack surface for attackers to exploit.
In this paper we present a survey of research in the area of machine learning-based malware classifiers, the attacks they encounter, and the defensive measures available. We start by reviewing recent advances in malware classification, including the most important works using deep learning. We then discuss in detail the field of adversarial machine learning and conduct an exhaustive review of adversarial attacks and defenses in the field of malware classification.
Machine learning in network security using knime analytics
IJNSA Journal
Machine learning has more and more effect on our every day's life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
MACHINE LEARNING IN NETWORK SECURITY USING KNIME ANALYTICS
IJNSA Journal
Machine learning has more and more effect on our every day's life. This field keeps growing and expanding into new areas. Machine learning is based on the implementation of artificial intelligence that gives systems the capability to automatically learn and enhance from experiments without being explicitly programmed. Machine Learning algorithms apply mathematical equations to analyze datasets and predict values based on the dataset. In the field of cybersecurity, machine learning algorithms can be utilized to train and analyze the Intrusion Detection Systems (IDSs) on security-related datasets. In this paper, we tested different machine learning algorithms to analyze NSL-KDD dataset using KNIME analytics.
Managing Intrusion Detection Alerts Using Support Vector Machines
CSCJournals
In the computer network world Intrusion detection systems (IDS) are used to identify attacks against computer systems. They produce security alerts when an attack is done by an intruder. Since IDSs generate high amount of security alerts, analyzing them are time consuming and error prone. To solve this problem IDS alert management techniques are introduced. They manage generated alerts and handle true positive and false positive alerts. In this paper a new alert management system is presented. It uses support vector machine (SVM) as a core component of the system that classify generated alerts. The proposed algorithm achieves high accurate result in false positives reduction and identifying type of true positives. Because of low classification time per each alert, the system also could be used in active alert management systems.
Nowadays there are several security tools that are used to protect computer systems, computer networks, smart devices, etc. against attackers. Intrusion detection system is one of the tools used to detect attacks. Intrusion Detection Systems produce large amounts of alerts, security experts could not investigate important alerts, also many of those alerts are incorrect or false positives. Alert management systems are a set of approaches that are used to solve this problem. In this paper a new alert management system is presented. It uses K-nearest neighbor as a core component of the system that classifies generated alerts. The suggested system serves precise results against huge amount of generated alerts. Because of low classification time per each alert, the system also could be used in online systems.
Classification of Malware Attacks Using Machine Learning In Decision Tree
CSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as "Has Detection or No Detection". The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
Architecture for Intrusion Detection System with Fault Tolerance Using Mobile...
IJNSA Journal
This paper is a survey of the work, done for making an IDS fault tolerant. Architecture of IDS that uses mobile Agent provides higher scalability. Mobile Agent uses Platform for detecting Intrusions using filter Agent, co-relater agent, Interpreter agent and rule database. When server (IDS Monitor) goes down, other hosts based on priority takes Ownership. This architecture uses decentralized collection and analysis for identifying Intrusion. Rule sets are fed based on user-behaviour or application-behaviour. This paper suggests that intrusion detection system (IDS) must be fault tolerant; otherwise, the intruder may first subvert the IDS then attack the target system at will.
Obfuscated computer virus detection using machine learning algorithm
journalBEEI
Nowadays, computer virus attacks are getting very advanced. New obfuscated computer virus created by computer virus writers will generate a new shape of computer virus automatically for every single iteration and download. This constantly evolving computer virus has caused significant threat to information security of computer users, organizations and even government. However, signature based detection technique which is used by the conventional anti-computer virus software in the market fails to identify it as signatures are unavailable. This research proposed an alternative approach to the traditional signature based detection method and investigated the use of machine learning technique for obfuscated computer virus detection. In this work, text strings are used and have been extracted from virus program codes as the features to generate a suitable classifier model that can correctly classify obfuscated virus files. Text string feature is used as it is informative and potentially only use small amount of memory space. Results show that unknown files can be correctly classified with 99.5% accuracy using SMO classifier model. Thus, it is believed that current computer virus defense can be strengthening through machine learning approach.
Applications of artificial immune system a review
ijfcstjournal
The Biological Immune System is a remarkable information processing and self-learning system that offers stimulation to build Artificial Immune System (AIS). During the last two decades, the field of AIS is progressing slowly and steadily as a branch of Computational Intelligence (CI). At present the AIS algorithms such as Negative Selection Theory, Clonal Selection Theory, Immune Networks Theory, Danger theory and Dendritic Cell Algorithm are widely used to solve many real world problems in a vast range of domain areas such as Network Intrusion Detection (NID), Anomaly Detection, Clustering and classification and Pattern recognition. This review paper critically discusses the theoretical foundation, research methodologies and applications of the AIS.
Design and Implementation of Artificial Immune System for Detecting Flooding ...
Kent State University
Academic Paper: N. B. I. Al-Dabagh and I. A. Ali, "Design and implementation of artificial immune system for detecting flooding attacks," in High Performance Computing and Simulation (HPCS), 2011 International Conference on, 2011, pp. 381-390.
Software reusability development through NFL approach For identifying security...
IJECEIAES
In component based software reusability development process, the software developers have to choose the best components which are self adaptive future to overcome the functional errors, framework mismatches, violation of user level privacy issues and data leakage feasibilities. The software developers can build high quality software applications by taking the consideration of the reusable components which are more suitable to provide high level data security and privacy. This paper has proposing the neural based fuzzy framework based approach to estimate the reusable components which are directly and indirectly involve the security and privacy to improve the quality of the software system. This approach has considered the twenty effecting factors and fifty three attribute matrices. It has formed with three stages of execution scenarios. The first stage has executed with eleven effecting factors and eighteen attribute matrices for identification of supporting software reusability components, the second stage has executed with four effecting factors and thirty five attribute matrices for identification of sub-internal relationships in terms of security-privacy, and the third stage has executed with eight effecting factors and six attribute matrices for identification of sub of sub-internal relationships in terms of security risk estimation. This analytical finding proposes a fuzzy logic model to evaluate the most feasible effecting factors that influence the enterprise level data security-privacy practices at real time environment.
Artificial immune systems can be defined as abstract or metaphorical computational systems developed using ideas, theories, and components, extracted from the immune system. Most AIS aim at solving complex computational or engineering problems, such as pattern recognition, elimination, and optimisation. This is a crucial distinction between AIS and theoretical immune system models. While the former is devoted primarily to computing, the latter is focused on the modelling of the IS in order to understand its behaviour, so that contributions can be made to the biological sciences. It is not exclusive, however, the use of one approach into the other and, indeed, theoretical models of the IS have contributed to the development of AIS. This paper discusses the concept of artificial immune system. AIS has various algorithms such as: Immune Theory, Clonal Selection, negative selection. All these are explained in this paper.
Inspiration to Application: A Tutorial on Artificial Immune Systems
Julie Greensmith
A tutorial of the history and application of artificial immune systems, given as a research tutorial for the Intelligent Modelling and Analysis Research Group, School of Computer Science, University of Nottingham UK.
Outstanding to the promotion of the Internet and local networks, interruption occasions to computer systems are emerging. Intrusion detection systems are becoming progressively vital in retaining appropriate network safety. IDS is a software or hardware device that deals with attacks by gathering information from a numerous system and network sources, then evaluating signs of security complexities. Enterprise networked systems are unsurprisingly unprotected to the growing threats posed by hackers as well as malicious users inside to a network. IDS technology is one of the significant tools used now-a-days, to counter such threat. In this research we have proposed framework by using advance feature selection and dimensionality reduction technique we can reduce IDS data then applying Fuzzy ARTMAP classifier we can find intrusions so that we get accurate results within less time. Feature selection, as an active research area in decreasing dimensionality, eliminating unrelated data, developing learning correctness, and improving result unambiguousness.
Linuxcon EU : Virtualization in the Cloud featuring Xen and XCP | The Linux Foundation
The Xen Hypervisor was built for the Cloud from the outset: when Xen was designed, we anticipated a world, which today is known as cloud computing. Today, Xen powers the largest clouds in production. This talk explores success criteria, architecture, trade-offs and challenges for cloudy hypervisors.
It is intended for users and developers and starts with a brief introduction to Xen and XCP and their architecture, then sheds some light on common challenges for KVM and Xen, such as the NUMA performance tax and securing the cloud. It will introduce the concept of domain disaggregation as an approach to increase security, robustness and scalability: all important factors for building clouds at scale. The talk will conclude with an update on Xen support in Linux, Xen for ARM servers and other exciting developments in the Xen community and their implications for building open source clouds.
With the arrival of cloud technology, game accessibility and ubiquity have a bright future; games can be
hosted in a centralized server and accessed through the Internet by a thin client on a wide variety of devices
with modest capabilities: cloud gaming. However, current cloud gaming systems have very strong
requirements in terms of network resources, thus reducing the accessibility and ubiquity of cloud games,
because devices with little bandwidth and people located in areas with limited and unstable network
connectivity cannot take advantage of these cloud services.
In this paper we present an adaptation technique inspired by the level of detail (LoD) approach in 3D
graphics. It delivers multiple platform accessibility and network adaptability, while improving the user's
quality of experience (QoE) by reducing the impact of poor and unstable network parameters (delay,
packet loss, jitter) on game interactivity. We validate our approach using a prototype game in a controlled
environment and characterize the user QoE in a pilot experiment. The results show that the proposed
framework provides a significant QoE enhancement
With the growing development of network technology, computer networks have become increasingly
wide and open. This evolution gave birth to new techniques allowing accessibility of networks
and information systems with the aim of facilitating transactions. Consequently, these
techniques also gave birth to new forms of threats. In this article, we present the utility of an
intrusion detection system through a presentation of its characteristics. Using the biological
immune system as inspiration, we propose a model of an artificial immune system
which is integrated in the behavior of distributed agents on the network in order to ensure
good detection of intrusions. We also present the internal structure of the immune agents and
their capacity to distinguish between self and non-self. The agents are able to perform
simultaneous treatments, can adapt automatically to the evolution of the environment, and also have the
property of distributed coordination.
Running Head ANNOTATED BIBLIOGRAPHY ANNOTATED BIBLIOGRAPHY .docx | healdkathaleen
Annotated Bibliography on Emerging Cyber Threats
Source#1
Reference: Kettani, H., & Wainwright, P. (2019, March). On the Top Threats to Cyber Systems. In 2019 IEEE 2nd International Conference on Information and Computer Technologies (ICICT) (pp. 175-179). IEEE.
Summary: This article reveals the threats to cyber systems, some of which are not known to ordinary people. The article explains that the latest technology has advanced cyber systems and that these advancements are attractive and beneficial in comparison to the previous systems. However, because of this sophisticated and attractive advancement, individuals, societies, and nations have become dependent on cyber systems. These systems bring higher gain and ease of handling, so people have come to rely on them. Moreover, the author argues that understanding cyber threats is necessary for adopting proper defenses and mitigations. The top threats, with a brief discussion of threat agents and attack vectors along with the countermeasures, are mentioned so that readers can gain knowledge in this regard.
Relevance: This article is of paramount importance because it establishes the importance of the research topic. The aim of the research is to expose emerging cyber-attacks, and the author of the article "On the Top Threats to Cyber Systems" reveals the importance of cyber systems, which matters for understanding the dependence on them. In addition, the article is worth reading because it reveals emerging cybercrimes and ways of protection too. The study is relevant because it shows that cyber systems are important nowadays, being used in business systems, in control systems, and for accessing control systems. In other words, the article provides an overview of the emerging threats and latest trends in cyber systems.
Source#2
Reference: Parn, E. A., & Edwards, D. (2019). Cyber threats confronting the digital built environment. Engineering, Construction and Architectural Management.
Summary: This article examines cyber attacks in the digital built environment sector. The study gives an idea of the emerging crimes that threaten the digital and physical assets used to form digital economies. These threats are often made to affect the critical infrastructure of smart cities. These smart cities are made up of cyber systems, which also increase national wealth, preserve health, and provide safety and welfare to the nation. In this regard, it is important to protect the cyber systems from critical and emerging threats. Additionally, the article reveals the safe an ...
CYBERSECURITY INFRASTRUCTURE AND SECURITY AUTOMATION | acijjournal
AI-based security systems utilize big data and powerful machine learning algorithms to automate the security management task. The case study methodology is used to examine the effectiveness of AI-enabled security solutions. The result shows that compared with the signature-based system, AI-supported security applications are efficient, accurate, and reliable. This is because the systems are capable of reviewing and correlating large volumes of data to facilitate the detection and response to threats.
Army Study: Ontology-based Adaptive Systems of Cyber Defense | RDECOM
The U.S. Army Research Laboratory is part of the U.S. Army Research, Development and Engineering Command, which has the mission to ensure decisive overmatch for unified land operations to empower the Army, the joint warfighter and our nation. RDECOM is a major subordinate command of the U.S. Army Materiel Command.
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE... | IJNSA Journal
Owing to the rapid growth of network applications, new kinds of network attacks are emerging
endlessly. So it is critical to protect networks from attackers, and intrusion detection
technology has become popular. Therefore, it is necessary that this security concern be articulated
right from the beginning of the network design and deployment. Intrusion detection technology is the
process of identifying network activity that can lead to a compromise of security policy. A lot of work has
been done on the detection of intruders, but the solutions are not satisfactory. In this paper, we propose a
novel Distributed Intrusion Detection System using Multi Agent in order to decrease false alarms and
manage misuse and anomaly detection.
DISTRIBUTED DENIAL OF SERVICE ATTACK DETECTION AND PREVENTION MODEL FOR IOTBA... | IJNSA Journal
Defending against Distributed Denial of Service (DDoS) in the Internet of Things (IoT) computing environment is a challenging task. DDoS attacks are a type of collective attack in which attackers work together to compromise internet security and services. The resource-constrained devices used in IoT deployments have made it even easier for an attacker to break in, because of the vast number of vulnerable IoT devices with significant compute power. This paper proposes an ensemble machine learning (ML) model using the bagging technique to detect and prevent DDoS attacks in the IoT computing environment. We carried out a machine learning experiment and evaluated our proposed model with the most recent DDoS attacks (CICDoS2019) dataset. We use seven validation metrics (classification accuracy, precision rate, recall rate, f1-score, Matthews Correlation Coefficient, false negative rate and false positive rate) to evaluate the performance of the proposed model. The results obtained in our experiment show an improved performance with an overall maximum classification accuracy of 99.75%, precision rate of 99.99%, recall rate of 99.76%, f1-score of 99.87%, Matthews Correlation Coefficient of 0.000000214, false negative rate of 0.24% and 4.42% false positive rate.
X-ware: a proof of concept malware utilizing artificial intelligence | IJECEIAES
Recent years have witnessed a dramatic growth in utilizing computational intelligence techniques for various domains. Coherently, malicious actors are expected to utilize these techniques against current security solutions. Despite the importance of these new potential threats, there remains a paucity of evidence on leveraging these research literature techniques. This article investigates the possibility of combining artificial neural networks and swarm intelligence to generate a new type of malware. We successfully created a proof of concept malware named X-ware, which we tested against the Windows-based systems. Developing this proof of concept may allow us to identify this potential threat's characteristics for developing mitigation methods in the future. Furthermore, a method for recording the virus's behavior and propagation throughout a file system is presented. The proposed virus prototype acts as a swarm system with a neural network-integrated for operations. The virus's behavioral data is recorded and shown under a complex network format to describe the behavior and communication of the swarm. This paper has demonstrated that malware strengthened with computational intelligence is a credible threat. We envisage that our study can be utilized to assist current and future security researchers to help in implementing more effective countermeasures.
DEFENSE MECHANISMS FOR COMPUTER-BASED INFORMATION SYSTEMS | IJNSA Journal
Nowadays, corporations and government agencies rely on computer-based information systems to manage their information. This information may be classified, so it is dangerous if it is disclosed to unauthorized persons. Therefore, there is an urgent need for defense. In this research, defense has been categorized into four mechanisms (technical defense, operation defense, management defense, and physical defense) based on the logic of computer and network security. Each mechanism has also been investigated and explained in terms of computer-based information systems.
A predictive framework for cyber security analytics using attack graphs | IJCNCJournal
Security metrics serve as a powerful tool for organizations to understand the effectiveness of protecting computer networks. However, the majority of these measurement techniques don't adequately help corporations to make informed risk management decisions. In this paper we present a stochastic security framework for obtaining quantitative measures of security by taking into account the dynamic attributes associated with vulnerabilities that can change over time. Our model is novel as existing research in attack graph analysis does not consider the temporal aspects associated with the vulnerabilities, such as the availability of exploits and patches, which can affect the overall network security based on how the vulnerabilities are interconnected and leveraged to compromise the system. In order to have a more realistic representation of how the security state of the network would vary over time, a nonhomogeneous model is developed which incorporates a time-dependent covariate, namely the vulnerability age. The daily transition-probability matrices are estimated using Frei's Vulnerability Lifecycle model. We also leverage the trusted CVSS metric domain to analyze how the total exploitability and impact measures evolve over a time period for a given network.
Information Sharing of Cyber Threat Intelligence with their Issue and Challenges | ijtsrd
Today the threat landscape is growing at a rapid rate, with many organizations continuously facing complex and malicious cyber threats. In today's Internet-connected world, where technologies support almost every feature of our society, cyber security and forensic specialists are increasingly dealing with wide-ranging cyber threats in almost real-time conditions. The capability to detect, analyze, and defend against such threats in near real-time conditions is not possible without the employment of threat intelligence, big data, and machine learning techniques. Cyber Threat Intelligence (CTI) has become a hot topic and is under consideration by many organizations to counter the rise of cyber attacks. The vast majority of information security challenges we face today are the result of serendipitous and naive decisions made in the early stages of the Internet. Khin Myat Nwe Win | Yin Myo Kay Khine Thaw "Information Sharing of Cyber Threat Intelligence with their Issue and Challenges" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-5, August 2019, URL: https://www.ijtsrd.com/papers/ijtsrd26504.pdf Paper URL: https://www.ijtsrd.com/computer-science/computer-security/26504/information-sharing-of-cyber-threat-intelligence-with-their-issue-and-challenges/khin-myat-nwe-win
A security model for cloud computing based on autonomous biological agents
International Journal on Cloud Computing: Services and Architecture (IJCCSA), Vol. 3, No. 5, October 2013
A SECURITY MODEL FOR CLOUD COMPUTING
BASED ON AUTONOMOUS BIOLOGICAL AGENTS
Fatemeh Arabalidousti and Touraj Banirostam
Department of Computer Engineering, Islamic Azad University, Central Tehran Branch,
Tehran, Iran
ABSTRACT
Besides the many advantages which cloud computing creates, there are different concerns such as security. In
this paper, a conceptual model based on the Biological Immune System (BIS) is proposed in order to
create security in cloud computing. BIS has several features, such as distributed computing,
self-organizing and self-learning, that are relevant to distributed environments like clouds. In the proposed model,
five groups of autonomous agents are used. The structure of the agents is based on Biological Agents (BA) that
have memory and can use previous experiments. Agents have the ability to learn and interact with each
other. Each agent has different functions. Their designs are based on B and T lymphocytes. This model is
designed at two levels. In the first level, the roles, relationships and activities of each agent are described, and
their components such as modules, programs and functions are shown in the second level. By using these
intelligent autonomous agents, attacks can be identified and intrusion can be prevented. The proposed
model is based on collaboration of the agents and doesn't need centralized management.
KEYWORDS
Biological Agents, Biological Immune System, Cloud Computing, Security.
1. INTRODUCTION
Cloud computing is a new technology based on distributed processing, parallel computing and
grid computing, which has been developed recently and is one of the attractive topics in the field
of information technology [1]. A set of resources is provided by many computers and allocated
to users as needed. Thus, all application programs can obtain computing capacity, storage space and
a variety of software services according to their need [2].
Cloud computing provides advantages such as high scalability, remote data storage and reduction of
cost by sharing computing and storage resources [3]. Nevertheless, it faces different challenges.
Security is one of the key challenges. Acceptance of cloud computing services requires solving
the security problems [1]. Therefore, many attempts are made to create a safe environment,
because the increase of interaction in the cloud has increased security concerns. New methods
such as Autonomous Computing and the Biological Immune System (BIS) provide new approaches to
overcoming the security problems in cloud computing. The immune system is an autonomous system
whose components interact with each other without a central system. The system is able to
identify insiders and outsiders and to learn and interact with the operating concept [3]. The BIS
is an autonomous system in which all control and security operations are done without the
intervention of a central system. Therefore, BIS can be proposed as a new method to overcome the
security challenges in cloud computing.
DOI : 10.5121/ijccsa.2013.3502
In the next section, related works on the security of cloud computing and on methods of using agents
are given. The BIS will be described in section III. In section IV, the proposed model will be
introduced. The design of the agents will be explained in section V, and finally conclusions will be
presented.
2. RELATED WORKS
Since security is very important in the cloud, different methods have been presented. In this
section, first, methods of increasing the security of the cloud are presented. Then, works
performed for modeling of BIS are described. One of the methods of establishing security in the
cloud is collaborative intrusion detection. This proposed system is a kind of DIDS which supports
the Partner IDS idea in a cloud environment. Each IDS notifies the other IDSs that an attack or suspicious
event has occurred. They exchange all IDS alerts and verify them [4]. A new intrusion
detection model for the cloud is AdjointVM. AdjointVM is an IDS that is composed of both explicit
and implicit parts. In the explicit part, a traditional IDS can be used to monitor user-level
application programs. This part includes strong analysis rules and packages that focus on specific data events of
the host. In the implicit part, each protected virtual machine (VM) is added to a VM which uses
virtualization technology for monitoring the status of the protected VM core and uses explicit and
implicit IDS for protecting integrity [5].
The methods mentioned above are detection methods introduced for the cloud. Now
agent-based methods for BIS modeling are reviewed. An approach to an intrusion
prevention system (IPS) inspired by the Danger model of immunology is proposed. This
novel approach uses a multi immune agent system that implements a non-linear classification
method to identify abnormal behavior of the network system [6]. An agent-based artificial
immune system (ABAIS) is applied to intrusion detection systems (IDS). A multiagent-based
IDS (ABIDS) inspired by the danger theory of the human immune system is proposed [7].
Banirostam modeled the BIS using Biological Agents (BA) based on the Capra Cognitive
Framework [8]. Montealegre introduced an agent-based artificial immune system model for the
detection of faults in a distributed satellite [9].
3. BIOLOGICAL IMMUNE SYSTEM
The immune system plays an important role in defending the body against various threats to health,
such as pathogens, cancer cells or modified-self proteins. The immune response is traditionally
divided into innate and adaptive immune responses [10]. Lymphocytes, as the primary immune
cells, are divided into two major groups: B cells and T cells. A simple definition of B lymphocytes
is a population of cells that express clonally diverse cell surface immunoglobulin (Ig) receptors
recognizing specific antigenic epitopes [11]. On occasion, however, a B cell does make a catch.
When a B cell's receptors bind to its cognate antigen, that B cell is triggered to double
in size and divide into two daughter cells, a process immunologists call proliferation. Both
daughter cells then double in size and divide to produce a total of four cells, and so forth.
Each cycle of cell growth and division takes about 12 hours to complete, and this period of
proliferation usually lasts about a week. At the end of this time, a "clone" of roughly 20 000
identical B cells will have been produced, all of which have receptors on their surface that can
recognize the same antigen. Now there are enough to mount a real defense [12]. Once a virus gets
into a cell, antibodies can't get to it, so the virus is safe to make thousands of copies of itself.
Mother Nature recognized this problem, and to deal with it, she invented the famous
"killer T cell," another member of the adaptive immune system team. Like B cells, T
cells are produced in the bone marrow, and on their surface they display antibody-like
molecules called T cell receptors (TCRs) [12]. When a T cell's receptors bind to their
cognate antigen, the T cell proliferates to build up a clone of T cells with the same
specificity. This proliferation stage takes about a week to complete, so like the antibody
response, the T cell response is slow and specific [12].
After pathogenic bacteria or a virus enter the body, cells such as dendritic cells and
macrophages send signals associated with external factors to T Helper cells. After receiving the signal,
T-Helper cells send orders to the T-Killer and B cells; the T-Killer cell directly attacks the cells
contaminated with virus or cancerous cells, while the B cell releases the related antibodies to
pathogenic bacteria [12]. Activation of special types of B cells and T-Killer cells depends on the
intruder antigen type. If the intruder antigen is pathogenic bacteria, B lymphocytes are
activated and undergo autopoiesis, but if it is a virus or defective cell, T lymphocytes are activated
and undergo autopoiesis [12]. APC cells (antigen presenter cells) are a set of different types of cells that are
able to identify and process antigen. These cells present their findings to other cells and
persuade them to start an immune response against pathogens.
4. PROPOSED MODEL
Given the independent operation of the BIS elements, this system can be used to design
secure systems in the cloud. There are two reasons for using BIS. Firstly, the immune system is a
self-organized and distributed system that protects the body against attack by pathogens. Secondly,
current techniques used to increase security in cloud computing don't address some of the
challenges. A requirement for this system is the existence of independent elements in the cloud. In
this model, an intrusion detection system based on a multi-agent architecture is designed. Agents
are mobile in the model and derived from the architecture of immune cells. These agents are divided
into 5 categories: architecture, T Helper Cell, T Memory Cell, B cell and T Killer Cell. Each of
these agents is designed based on autonomous computing architecture. Autonomic computing
tries to develop the communication infrastructure and overcome complexity by
assigning tasks to the elements available in the system.
Autonomous agents should be able to identify and restore defective components, and also protect
themselves. They are aware of the internal and external environment, communicate with each
other and share their knowledge. The proposed model is shown in Figure 1.
Figure 1. Proposed model
These agents are able to learn, monitor the environment, discover outsiders and finally kill them.
The system becomes more robust over time as its knowledge increases. These agents are
deployed in the data centre of the cloud, and when one of them is removed from the system, another
agent quickly replaces it.
5. DESIGN AGENTS
Five different agents are designed based on autonomic computing, each having its own
capabilities. Internal components and relations between them are shown in Figure 1. The function
of each agent is described in the following.
5.1. Presenter Agent
In this model, this agent plays the role of the antigen presenter cell. It moves through the data
center, monitors the environment, recognizes the normal functions of the units under its control and
records them in its memory. The information gained by monitoring the environment is reviewed and
audited; if a defect occurs, the Presenter agent sends the audit trail to the T-Helper agent to
receive a compliance pattern for eliminating the causes of the defect. This agent has four
modules, which are listed below:
Interface: This module is responsible for communicating between modules of this agent and other
agents.
Monitor: This module monitors the internal environment and looks for anomalous conditions.
Memory: This module records the node's normal functions and maintains data obtained from
the Monitor.
Analysis: This module studies information obtained from the Monitor, Interface and Memory
modules. If an intrusion or security problem occurs in the system, it requests a pattern.
Figure 2 shows the flowchart of the internal functions of this agent.
Figure 2. The flowchart of internal functions of Presenter agent.
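The Monitor, Memory and Analysis modules of section 5.1, as an added Python example that is not code from the paper. The metric (requests per minute), the z-score threshold, the five-sample warm-up, the audit-trail fields and the unit name vm-17 are assumptions, since the paper does not specify how normal behaviour is measured.

```python
# Added illustration, not the paper's code: Presenter agent modules.
# The metric (requests/minute), the z-score threshold and the audit-trail
# fields are assumptions; the paper does not specify them.
from statistics import mean, pstdev

class Memory:
    """Records the normal behaviour of each unit under the agent's control."""
    def __init__(self):
        self.samples = {}

    def record(self, unit, value):
        self.samples.setdefault(unit, []).append(value)

    def baseline(self, unit, warmup=5):
        data = self.samples.get(unit, [])
        if len(data) < warmup:          # too little history to judge
            return None
        return mean(data), pstdev(data)

class PresenterAgent:
    def __init__(self, threshold=3.0):
        self.memory = Memory()
        self.threshold = threshold
        self.outbox = []                # Interface: audit trails for T-Helper

    def observe(self, unit, value, authenticated):
        """Monitor and Analysis: learn normal values, flag deviations."""
        base = self.memory.baseline(unit)
        if base is not None:
            mu, sigma = base
            score = abs(value - mu) / max(sigma, 1e-9)
            if score > self.threshold:
                trail = {"unit": unit, "value": value, "baseline": round(mu, 2),
                         "authenticated": authenticated}
                self.outbox.append(trail)   # pattern request to T-Helper
                return trail                # anomalous values are never learned
        self.memory.record(unit, value)
        return None

def demo():
    """Constructed sample: requests per minute observed on one VM."""
    agent = PresenterAgent()
    for v in [40, 42, 39, 41, 43, 40, 38]:
        agent.observe("vm-17", v, authenticated=True)
    return agent.observe("vm-17", 400, authenticated=True), agent
```

Because flagged values are not written to Memory, a single burst cannot shift the baseline; slow drift that stays under the threshold still can.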
5.2. T-Helper Agent
This agent, shown in Figure 3, plays the role of the T-Helper cell. When it receives a pattern
request from the Presenter agent, it gives the pattern to the Memory agent. This request is made
because an intrusion has occurred in the network. Intrusions can be divided into two categories. The
first category relates to authorized users who intrude on unauthorized parts. The second category
relates to activities occurring outside the network that aim to intrude into it. The first category
is more dangerous than the second, since the intrusion is carried out by users who have been
authenticated in the system and can also perform activities in it. For this reason, different
security policies are established for the two classes. The T-Helper agent determines the type of
intrusion after receiving the pattern request. It sends this request to the T-Memory agent and then
transfers the pattern to the B or T-Killer agent. When there is not full compliance between them, the
T-Helper agent generates a new pattern selection algorithm, based on its previous algorithms, for
selecting the pattern with the most compliance. After sending the pattern, this agent waits for the
B and T-Killer agents' feedback. Then it stores the algorithm and the feedback. The agent has the
following modules:
Interface: This module is responsible for communicating between modules of this agent and other
agents.
Detector: This module recognizes the type of intrusion.
Algorithm Planner: This module designs a new selection algorithm when there is not full
compliance between the audit trail and the patterns.
Memory: This module collects feedback related to the selected algorithms and then gives it to the
T-Memory agent.
Figure 3. The flowchart of internal functions of T-Helper agent.
5.3. T-Memory Agent
This agent is similar to T-Memory cells. In response to the request sent by the Helper agent, this
agent gets information from it and sends a proposed pattern to it until its compliance with the
obtained information is reviewed. This pattern includes the methods of eliminating the intrusion
activity. Figure 4 shows the internal functions of this agent. This agent has four modules, which are
listed below:
Interface: This module is responsible for communicating between modules of this agent and other
agents.
Pattern Presenter: This module presents a pattern considering the obtained information.
Pattern Memory: This module will record the successful patterns.
Analyst: All decisions of T-Memory agent are taken by this module.
Figure 4. The flowchart of internal functions of T-Memory agent.
5.4. Biological Agent (BA)
The agent plays the role of B cells. As mentioned, the activities in the network are divided into
two parts: intrusion by users or by non-users. The patterns related to users are transferred to this
agent by the Helper agent, and it then uses the patterns and prevents the intrusion. This agent
communicates with agents to use their correct methods. Then it disables the access of the offending
user. Finally, if this method is successful, the necessary feedback is sent to the Helper agent.
Figure 5 shows the internal functions of this agent.
The agent has the following modules:
Interface: This module is responsible for communicating between modules of this agent and other
agents.
Analyst: All decisions of B agent are taken by this module.
Killer: This module kills the main cause of the intrusion.
Method Memory: This module records all of the correct procedures to eliminate intrusion.
Figure 5. The flowchart of internal functions of B agent.
5.5. T-Killer Agent
Modules of this agent are similar to those of the B agent. The difference between this agent and the B agent is that the T-Killer agent prevents external intrusion. In Figure 4, the internal functions of this agent are shown.
Figure 6. The flowchart of internal functions of T-Killer agent.
The agents of the proposed model use a decentralized security mechanism to eliminate unknown
security challenges and risks. In this model, it is not necessary to use and update security
software. When a security incident occurs, the agents are aware of the whole network and
confront it. The role of a centralized node cannot be eliminated or ignored, but
with the proposed model inspired by the immune system, cloud computing will be safer
and more agile. The robustness of the network will not depend on a particular node, and management
of the system will be decentralized.
The conceptual model inspired by BIS is presented. This model consists of a set of autonomous
agents that can communicate with each other and increase their knowledge. Agents are able to
learn. Over time, the knowledge of the system increases and the system is reinforced.
Agents are deployed in the cloud data center, and if one of them is removed, another agent
quickly replaces it. They continuously monitor the environment, identify intrusions and eliminate
them. Intrusions are divided into two types: users and non-users. Different methods are
presented for each of these types. The Presenter agent reviews the behavior of users and non-users in
the data center. Once an intrusion is identified, information is sent to the Helper agent, and this
agent sends it to the T-Memory agent until it receives a function pattern. If there is not full
compliance, the Helper agent creates an algorithm and sends it to the B or T-Killer agent. They
eliminate the intrusion according to the type of attack. In the proposed model, the robustness of the
system does not depend on a particular node. Furthermore, the management of the system is
decentralized.
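The flow summarised above (audit trail to the Helper agent, pattern from T-Memory, dispatch to the B or T-Killer agent, feedback), as an added Python example that is not the paper's code. The feature names, the compliance score (fraction of a pattern's features seen in the trail), the 0.5 minimum-compliance floor and the success counter are assumptions, and the paper's "new selection algorithm" is reduced here to picking the most compliant stored pattern.

```python
# Added illustration, not the paper's code: T-Helper -> T-Memory -> B / T-Killer.
# Feature names, the compliance score and the 0.5 floor are assumptions.
from collections import namedtuple

# features: observations that characterise an intrusion; response: how to stop it
Pattern = namedtuple("Pattern", "name features response")

def compliance(pattern, observed):
    """Fraction of the pattern's features present in the audit trail."""
    return len(pattern.features & observed) / len(pattern.features)

class TMemoryAgent:
    def __init__(self, patterns):
        self.successes = {p: 0 for p in patterns}   # Pattern Memory

    def propose(self, observed):
        """Pattern Presenter: most compliant pattern, ties broken by successes."""
        best = max(self.successes,
                   key=lambda p: (compliance(p, observed), self.successes[p]))
        return best, compliance(best, observed)

class THelperAgent:
    def __init__(self, memory, floor=0.5):
        self.memory, self.floor = memory, floor

    def handle(self, trail, execute):
        """Detector and pattern selection; `execute` stands in for B / T-Killer."""
        observed = frozenset(trail["features"])
        # Authenticated actors are insiders (B agent); all others are external.
        executor = "B" if trail["authenticated"] else "T-Killer"
        pattern, score = self.memory.propose(observed)
        if score < self.floor:
            return None            # nothing fits well enough to act on
        if execute(executor, pattern.response, trail["actor"]):
            self.memory.successes[pattern] += 1   # feedback reaches T-Memory
        return executor, pattern.name, score

def demo():  # constructed audit trails: insider, external scan, weak noise
    memory = TMemoryAgent([
        Pattern("priv-escalation", frozenset({"sudo_fail", "new_admin", "off_hours"}), "disable_account"),
        Pattern("port-scan", frozenset({"syn_burst", "many_ports"}), "block_source")])
    helper, done = THelperAgent(memory), []
    def run(who, what, actor):     # stand-in executor that always succeeds
        done.append((who, what, actor))
        return True
    trails = [{"features": ["sudo_fail", "new_admin"], "authenticated": True, "actor": "alice"},
              {"features": ["syn_burst", "many_ports"], "authenticated": False, "actor": "203.0.113.9"},
              {"features": ["off_hours"], "authenticated": True, "actor": "bob"}]
    return [helper.handle(t, run) for t in trails], done
```

The floor matters for the insider path: without it, the third trail would match the privilege-escalation pattern at one third compliance and a legitimate account would be disabled.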
6. CONCLUSION
In this paper, inspired by BIS and autonomic computing, a conceptual model based on BAs
with learning ability is proposed. The proposed model is composed of five different types of agents
based on B and T lymphocytes. This model is designed at different levels. In the first level, the
roles, relationships and activities of each agent are described, and their components, such as
modules, programs and functions, are shown in the second level. Their interactions have also been
described. The main advantages of the proposed model are the use of BIS, a decreased need
for a central element, self-discovery and removal of defective components, no need for updating, and
improvement of the knowledge and performance of the system over time.
REFERENCES
[1] Xiaowei Yan, Xiaosong Zhang, Ting Chen, Hongtian Zhao, and Xiaoshan Li, (2011) "The
Research and Design of Cloud Computing Security Framework", Advances in Computer,
Communication, Control & Automation, LNEE 121, pp. 757-763, Springer.
[2] Jia Weihua, Sun Shibing, (2012) "Research on the Security Issues of Cloud Computing",
Intelligence Computation and Evolutionary Computation, AISC 180, pp. 845-848, Springer.
[3] S. Pearson and G. Yee (eds.), (2013) "Privacy and Security for Cloud Computing",
Computer Communications and Networks, Springer.
[4] Chi-Chun Lo, Chun-Chieh Huang, Joy Ku, (2010) "A Cooperative Intrusion Detection
System Framework for Cloud Computing Network", International Conference on Parallel
Processing Workshops, IEEE.
[5] Kong, Jinzhu, (2011) "AdjointVM, a new intrusion detection model for cloud computing",
Elsevier.
[6] Muna, Elsadig, Abdullah Azween, and Brahim Belhaouari Samir, (2010) "Immune multi
agent system for intrusion prevention and self healing system implement a non-linear
classification", International Symposium in Information Technology, IEEE, pp. 1-6.
[7] Chung-Ming Ou, Yao-Tien Wang, Ou, C.R, (2011) "Intrusion detection systems adapted
from agent-based artificial immune systems", IEEE International Conference, pp. 115-122.
[8] T. Banirostam and M. N. Fesharaki, (2011) "Immune System Simulation with Biological
Agent Based on Capra Cognitive Framework", 13th International Conference on Modelling
and Simulation, IEEE UKSim 2011, Cambridge, UK, pp. 122-127, DOI
10.1109/UKSIM.2011.32.
[9] Norma Montealegre, (2012) "Agent-based artificial immune system model for the detection
of faults in a distributed satellite system", IEEE First AESS European Conference, pp. 1-6.
[10] T. Fulop, C. Fortin, O. Lesur, G. Dupuis, J. R. Kotb, J. M. Lord and A. Larbi, (2012) "The
Innate Immune System and Aging: What is the Contribution to Immunosenescence?", Open
Longevity Science 6: 121-132.
[11] Tucker W, LeBien and Thomas F, Tedder, (2012) "B lymphocytes: how they develop and
function", Bloodjournal: 1570-1580.
[12] Lauren Sompayrac, (2003) "How Immune system works", Wiley-Blackwell.