Abstract
Cloud services delivered as utility computing over the Internet makes it an attractive target for cyber intruders. Protecting network accessible Cloud resources and services from ever increasing cyber threats is of great concern. Most of the Network based Intrusion Detection System (NIDS) being rule based and therefore only capable of identifying known attacks (through pattern matching). Traditional Anomaly Detection based IDS may generate more number of false positives.
In this paper, we attempt to amalgamate IDS with Cloud computing. Introducing Honeypot in Cloud IDS design can greatly help in detecting potential attacks with reduced number of false positives. This research work provides an impetus to strengthen network security aspects related to Cloud computing to make it more trustworthy.
Chapter PDF
Similar content being viewed by others
References
Grance, T., Mell, P.: The nist definition of cloud computing. National Institute of Standards & Technology (NIST) (2009), http://www.nist.gov/itl/cloud/upload/cloud-def-v15.pdf
Roschke, S., Cheng, F., Meinel, C.: Intrusion detection in the cloud. In: IEEE International Symposium on Dependable, Autonomic and Secure Computing, pp. 729–734 (2009)
Top threats to cloud computing (2009), https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
Garca-Teodoro, P., Daz-Verdejo, J., Maci-Fernndez, G., Vzquez, E.: Anomaly-based network intrusion detection: Techniques, systems and challenges. Computers and Security 28, 18–28 (2009)
Marinova-Boncheva, V.: A short survey of intrusion detection systems. Problems of Engineering Cybernetics and Robotics (2007), http://www.iit.bas.bg/PECR/58/23-30.pdf
Guilbault, N., Guha, R.: Experiment setup for temporal distributed intrusion detection system on amazon’s elastic compute cloud. In: IEEE International Conference on Intelligence and Security Informatics, ISI 2009, pp. 300–302 (2009)
Bakshi, A., Dujodwala, Y.B.: Securing cloud from ddos attacks using intrusion detection system in virtual machine. In: International Conference on Communication Software and Networks, pp. 260–264 (2010)
Mazzariello, C., Bifulco, R., Canonico, R.: Integrating a network ids into an open source cloud computing environment. In: Sixth International Conference on Information Assurance and Security (IAS), pp. 265–270 (2010)
Lo, C.C., Huang, C.C., Ku, J.: A cooperative intrusion detection system framework for cloud computing networks. In: Proceedings of the 2010 39th International Conference on Parallel Processing Workshops, ICPPW 2010, pp. 280–284. IEEE Computer Society (2010)
Vieira, K., Schulter, A., Westphall, C., Westphall, C.: Intrusion detection for grid and cloud computing. It Professional 12(4), 38–43 (2010)
Eucalyptus, http://www.eucalyptus.com/
Opennebula, http://www.opennebula.org/
Nimbus, www.nimbusproject.org/
Snort, network intrusion detection and prevention system, http://www.snort.org/
Nurmi, D., Wolski, R., Grzegorczyk, C., Obertelli, G., Soman, S., Youseff, L., Zagorodnov, D.: The eucalyptus open-source cloud-computing system. In: Proceedings of the 2009 9th IEEE/ACM International Symposium on Cluster Computing and the Grid, CCGRID 2009, pp. 124–131. IEEE Computer Society (2009)
Nurmi, D., Wolski, R., Grzegorczyk, C., Obertelli, G., Soman, S., Youseff, L., Zagorodnov, D.: A technical report on an elastic utility computing architecture linking your programs to useful systems (2008), open.eucalyptus.com
Mokube, I., Adams, M.: Honeypots: concepts, approaches, and challenges. In: Proceedings of the 45th Annual Southeast Regional Conference, ACM-SE 45, pp. 321–326. ACM (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 IFIP International Federation for Information Processing
About this paper
Cite this paper
Borisaniya, B., Patel, A., Patel, D.R., Patel, H. (2012). Incorporating Honeypot for Intrusion Detection in Cloud Infrastructure. In: Dimitrakos, T., Moona, R., Patel, D., McKnight, D.H. (eds) Trust Management VI. IFIPTM 2012. IFIP Advances in Information and Communication Technology, vol 374. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29852-3_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-29852-3_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29851-6
Online ISBN: 978-3-642-29852-3
eBook Packages: Computer ScienceComputer Science (R0)