An Advanced Intrusion Detection Framework for Cloud Computing
FICCO, Massimo; VENTICINQUE, Salvatore; DI MARTINO, Beniamino
2013
Abstract
The Cloud Computing paradigm represents an opportunity for users to reduce costs and increase efficiency, providing an alternative way of using services and computational resources. It represents both a technology for using computing infrastructures in a more efficient way and a business model for selling computing resources. The possibility of dynamically acquiring and using services and resources on the basis of an on-demand, self-service, and pay-by-use business model implies incredible flexibility in terms of management, which is otherwise hard to address. On the other hand, because of this flexibility, cyber attacks represent a serious danger, which can compromise the performance and availability of the services provided to Cloud consumers. In this paper, we propose an open-source framework for designing distributed Intrusion Detection Systems for multiple Cloud vendor infrastructures. The proposed framework provides an Application Programming Interface and tools to develop multiple probes, which can be dynamically deployed as a distributed architecture. It enables the collection of security information at different Cloud architectural levels, which can be used to perform event correlation and diagnostic analysis of intrusions in Cloud-based systems.