Use Trust Management Framework to Achieve Effective Security Mechanisms in Cloud Environment
Journal Title: International Journal of Interactive Multimedia and Artificial Intelligence - Year 2017, Vol 4, Issue 3
Abstract
Cloud Computing is an Internet based Computing where virtual shared servers provide software, infrastructure, platform and other resources to the customer on pay-as-you-use basis. Cloud Computing is increasingly becoming popular as many enterprise applications and data are moving into cloud platforms. However, with the enormous use of Cloud, the probability of occurring intrusion also increases. There is a major need of bringing security, transparency and reliability in cloud model for client satisfaction. One of the security issues is how to reduce the impact of any type of intrusion in this environment. To address this issue, a security solution is proposed in this paper. We provide a collaborative framework between our Hybrid Intrusion Detection System (Hy-IDS) based on Mobile Agents and virtual firewalls. Therefore, our hybrid intrusion detection system consists of three types of IDS namely IDS-C, IDS-Cr and IDS-M, which are dispatched over three layer of cloud computing. In the first layer, we use IDS-C over our framework to collect, analyze and detect malicious data using Mobile Agents. In case of attack, we collect at the level of the second layer all the malicious data detected in the first layer for the generation of new signatures using IDS-Cr, which is based on a Signature Generation Algorithm (SGA) and network intrusion detection system (NIDS). Finally, through an IDS-M placed in the third layer, the new signatures will be used to update the database NIDS belonging to IDS-Cr, then the database to NIDS belonging of IDS-Cr the cluster neighboring and also their IDS-C. Hardware firewall is unable to control communication between virtual machines on the same hypervisor. Moreover, they are blind to virtual traffic. Mostly, they are deployed at Virtual Machine Monitor- level (VMM) under Cloud provider’s control. Equally, the mobile agents play an important role in this collaboration. They are used in our framework for investigation of hosts, transfer data malicious and transfer update of a database of neighboring IDS in the cloud. With this technique, the neighboring IDS will use these new signatures to protect their area of control against the same type of attack. By this type of close-loop control, the collaborative network security management framework can identify and address new distributed attacks more quickly and effectively.
Authors and Affiliations
Hicham Toumi, Bouchra Marzak, Amal Talea, Ahmed Eddaoui, Mohamed Talea
Keywords
Related Articles
- EP ID EP328798
- DOI 10.9781/ijimai.2017.4311
- Views 198
- Downloads 0
Heuristics Considering UX and Quality Criteria for Heuristics
Heuristic evaluation is a cheap tool with which one can take qualitative measures of a product’s usability. However, since the methodology was first presented, the User Experience (UX) has become more popular but the heu...
Anomaly based Intrusion Detection using Modified Fuzzy Clustering
This paper presents a network anomaly detection method based on fuzzy clustering. Computer security has become an increasingly vital field in computer science in response to the proliferation of private sensitive informa...
A Depth Video-based Human Detection and Activity Recognition using Multi-features and Embedded Hidden Markov Models for Health Care Monitoring Systems
Increase in number of elderly people who are living independently needs especial care in the form of healthcare monitoring systems. Recent advancements in depth video technologies have made human activity recognition (HA...
Editor’s Note
Editorial
Combining Fuzzy AHP with GIS and Decision Rules for Industrial Site Selection
This study combines Fuzzy Analytic Hierarchy Process (FAHP), Geographic Information System (GIS) and Decision rules to provide decision makers with a ranking model for industrial sites in Algeria. A ranking of the suitab...