
Upload: azuan-ahmad

Post on 18-Feb-2017


Cloud Intrusion Detection Model Inspired by Dendritic Cell Mechanism

Azuan Bin Ahmad

Prof. Dr. Norbik Bashah Idris

Dr. Mohd Nazri Kama

Outline

• Introduction
• Related Works
• Dendritic Cell Mechanism
• Cloud IDS Algorithm
• Cloud IDS Model
• Cloud IDS Experiment Network
• Future Works
• Conclusion

Introduction

• 80% of Malaysian firms faced cyber attacks, 2015 [1]

• Hacked in 2012 [2]

Sony Attack Incident 2011

• Sony PlayStation Network

• Amazon EC2 Cloud

• Compromised more than 100 million customer accounts

Why Does the Cloud Need Protection?

• Distributed and nested

• A lot of information [1]

• One target for all

• Publicly available

• Target of distributed attacks

• No dedicated IDS for Cloud [2]

Current Cloud IDS Implementation

• Needs a lot of self-maintenance [3]

• Different types of IDS installed in each Cloud

• Inter-VM attacks will be invisible

• Network congestion

Related Works

• Cloud IDS model based on Virtual Machine Monitor [6]
  – U. Tupakula, V. Varadharajan, and N. Akku
  – Works only on signature-based IDS

• Software as a Service IDS [7]
  – G. Nascimento and M. Correia
  – Focuses on the SaaS Cloud environment
  – Did not use a standard dataset for comparison

• Grid and Cloud Computing Intrusion Detection System (GCCIDS) [8]
  – K. Vieira, A. Schulter, C. Westphall, and C. Westphall
  – IDS management is not centralized

Cloud IDS Model

• Hybrid IDS methodology

• Centralized IDS management

• Virtually mirrored network monitoring

• Artificial Immune System

• Real implementation

Dendritic Cell Mechanism

• Dendritic cells (DCs) collect and present antigens to the adaptive immune system for processing.

• They monitor the PAMP, safe and danger signals of the environment.

• They exist in one of three states:
  – Immature
  – Semi-mature
  – Mature
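
The mechanism above, sketched as the generic dendritic cell algorithm from the artificial immune system literature. This is an added example, not the authors' Cloud IDS algorithm from Figure 1. The weights, migration thresholds, round-robin sampling, VM names and the mapping of IDS outputs to PAMP, danger and safe signals are all assumptions.

```python
from collections import defaultdict

# Assumed illustrative weights per input signal: (PAMP, danger, safe).
WEIGHTS = {
    "csm":    (2.0, 1.0, 2.0),   # costimulation: decides when the cell migrates
    "semi":   (0.0, 0.0, 3.0),   # evidence that the sampled context was safe
    "mature": (2.0, 1.0, -3.0),  # evidence that the sampled context was dangerous
}

class DendriticCell:
    def __init__(self, threshold):
        self.threshold = threshold               # migration threshold on CSM
        self.out = dict.fromkeys(WEIGHTS, 0.0)
        self.antigens = []

    def sample(self, antigen, pamp, danger, safe):
        """Immature state: collect one antigen and accumulate its signals."""
        self.antigens.append(antigen)
        for name, (wp, wd, ws) in WEIGHTS.items():
            self.out[name] += wp * pamp + wd * danger + ws * safe
        return self.out["csm"] >= self.threshold  # True: the cell migrates

    def state(self):
        """State the cell takes when it migrates and presents its antigens."""
        return "mature" if self.out["mature"] > self.out["semi"] else "semi-mature"

def run_dca(events, thresholds=(3.0, 5.0, 7.0)):
    """events: (antigen, pamp, danger, safe) tuples. Returns {antigen: MCAV}."""
    cells = [DendriticCell(t) for t in thresholds]
    counts = defaultdict(lambda: [0, 0])         # antigen -> [mature, total]

    def present(i):
        mature = cells[i].state() == "mature"
        for antigen in cells[i].antigens:
            counts[antigen][0] += mature
            counts[antigen][1] += 1
        cells[i] = DendriticCell(thresholds[i])  # fresh immature cell

    for n, event in enumerate(events):
        i = n % len(cells)                       # round-robin sampling (assumption)
        if cells[i].sample(*event):
            present(i)
    for i in range(len(cells)):                  # flush cells that never migrated
        present(i)
    return {a: mature / total for a, (mature, total) in counts.items()}

# Constructed sample: antigen = source VM; PAMP = signature hit,
# danger = anomaly score, safe = normal-traffic score (assumed mapping).
EVENTS = ([("vm-web", 0, 0, 0.5)] * 3 + [("vm-x", 1, 1, 0)] * 9
          + [("vm-web", 0, 0, 0.5)] * 3)
MCAV = run_dca(EVENTS)   # fraction of presentations in mature context per VM
```

With a cutoff of 0.5 on the mature context antigen value (MCAV), only vm-x is flagged. vm-web still scores above zero because some of its antigens were collected by cells that matured during the attack burst.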

Cloud IDS Algorithm

Figure 1: Cloud IDS Algorithm

Cloud IDS model

Figure 2: Cloud IDS Model

Implementation

Figure 3: Cloud IDS Model Experiment Network

Future Works

• Testing the Cloud IDS model with real Cloud data and environment.

• Applying different machine learning mechanisms to analyse and improve the Cloud IDS results.

Conclusion

• Dendritic cells are known for detecting and killing any pathogens that infect human tissue and cells.

• The success of dendritic cells in protecting the human body will also bring success in protecting the Cloud environment if the same mechanism is implemented in real-world applications.

References

[1] D. Gollmann, "Computer security," Wiley Interdisciplinary Reviews: Computational Statistics, vol. 2, pp. 544-554, 2010.

[2] S. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing," Journal of Network and Computer Applications, vol. 34, pp. 1-11, 2011.

[3] W. Yassin, N. Udzir, Z. Muda, A. Abdullah, and M. Abdullah, "A Cloud-based Intrusion Detection Service framework," in Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on, 2012, pp. 213-218.

[4] Available online at http://www.thestar.com.my/news/nation/2015/04/26/faster-bigger-and-sharper-cyber-criminals-are-stepping-up-their-game-to-trick-companies-and-digitall/

[5] BBC, "Google and Apple among hundreds hit in high-profile Pakistan hack," 26th November, 2012.

[6] U. Tupakula, V. Varadharajan, and N. Akku, "Intrusion detection techniques for infrastructure as a service cloud," in Dependable, Autonomic and Secure Computing (DASC), 2011 IEEE Ninth International Conference on, 2011, pp. 744-751.

[7] G. Nascimento and M. Correia, "Anomaly-based intrusion detection in software as a service," in Dependable Systems and Networks Workshops (DSN-W), 2011 IEEE/IFIP 41st International Conference on, 2011, pp. 19-24.

[8] K. Vieira, A. Schulter, C. Westphall, and C. Westphall, "Intrusion detection for grid and cloud computing," IT Professional Magazine, vol. 12, p. 38, 2010.