Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment
Journal Title: International Journal of Interactive Multimedia and Artificial Intelligence - Year 2017, Vol 4, Issue 3
Abstract
Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS) based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA) and network intrusion detection system (NIDS). Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM) under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts, transfer data malicious and transfer update of a database of neighboring IDS in the cloud. With this technique, the neighboring IDS will use these new signatures to protect their area of control against the same type of attack. By this type of close-loop control, the collaborative network security management framework can identify and address new distributed attacks more quickly and effectively.
Authors and Affiliations
Hicham Toumi, Bouchra Marzak, Amal Talea, Ahmed Eddaoui, Mohamed Talea
Keywords
Related Articles
- EP ID EP328798
- DOI 10.9781/ijimai.2017.4311
- Views 199
- Downloads 0
Virtual Planning and Intraoperative Navigation in Craniomaxillofacial Surgery
Surgery planning assisted by computer represents one important example of the collaboration between surgeons and engineers. Virtual planning allows surgeons to pre-do the surgery by working over a virtual 3D model of the...
Selecting Statistical Characteristics of Brain Signals to Detect Epileptic Seizures using Discrete Wavelet Transform and Perceptron Neural Network
Electroencephalogram signals (EEG) have always been used in medical diagnosis. Evaluation of the statistical characteristics of EEG signals is actually the foundation of all brain signal processing methods. Since the cor...
Editor’s Note
Editorial
Taxonomies for Reasoning About Cyber-physical Attacks in IoT-based Manufacturing Systems
The Internet of Things (IoT) has transformed many aspects of modern manufacturing, from design to production to quality control. In particular, IoT and digital manufacturing technologies have substantially accelerated pr...
Smart Algorithms to Control a Variable Speed Wind Turbine
In this paper, a robust adaptive fuzzy neural network sliding mode (AFNNSM) control design is proposed to maximize the captured energy for a variable speed wind turbine and to minimize the efforts of the drive shaft. Fuz...