Cloud intrusion detection System

IN THE NAME OF ALLAH
Most Gracious, Most Merciful

Cloud Network Intrusion Detection
Mohammad Sadegh Salehi
By:
Fall 2015
2

genda
01
What is CLOUD Computing?
History of CLOUD Computing
02
CLOUD Types And Models
03
CLOUD Advantage and Disadvantage
04
CLOUD Intrusion Detection - article
05

Cloud Network Intrusion Detection Fall 2015 4 / 34
The Cloud?
hat is
C loud Computing
CLOUD COMPUTING evolved
from the term “the cloud”,
Cloud Computing is the overarching ability for user to access
data, application, and services remotely, using internet.
THE CLOUD is a metaphor for
the internet that was born
from diagrams depicting the
internet as a cloud.
CLOUD SERVICES, or cloud
computing, can be categorized
into three different levels.
Cloud History
Cloud Types
Cloud Models
Adv And DisAdv
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

C loud Computing
Cloud History
Cloud Types
Cloud Models
Adv And DisAdv
Cloud Components
It has three components
1.) Client computers
2.) Distributed Servers
3.) Datacenters
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

C loud Computing
Cloud History
Cloud Types
Cloud Models
Adv And DisAdv
Clients
 Clients are the device that the end user interact with cloud.
 Four types of clients:
1.) Mobile and Tablet,
2.) Thick,
3.) Thin (Most Popular),
4.) Zero (UltraThin).
 It is collection of servers where application is placed and is accessed via internet.
Datacenters
Distributed servers
 Often servers are in geographically different places, but server acts as if they are
working next to each other.
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Cloud Types
Cloud Models
Adv And DisAdv
L loud istory
Cloud Computing Cloud Computing:
Past, Present and Future
1960s
Ideas about
computation as
a public utility
emerged in
public discourse
and literature
2001
Autonomic Computing
evolved as systems to
aid self-management.
1997
The word “cloud computing” was first used by
information system Prof.Ramnach Chelappa.
2006
Amazon offered “Amazon
Web Service” cloud
computing to customers
2007
Research on Cloud
Computing was
undertaken by companies
like Google and IBM
Early 2008
Open Source AWS API-compatible platform called
Eucalyptus offered private clouds.
Packaging of computing resource become a metered
service called Utility Computing.
Mid 2008
Organization began switching from company-
owned hardware to cloud services.
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Cloud Types
Cloud Models
Adv And DisAdv
L loud istory
Cloud Computing Cloud Computing:
Past, Present and Future
2009
The National science Foundation awarded
approx. $5 million in grants for researching
cloud computing.
2010
Microsoft Azure become
commercially available.
2013
$78bn worldwide public
cloud Service Market.
2015
$114.3bn worldwide
public cloud Service
Market.
The Future of
Cloud Computing: Studies predict more than 50% of all
information technology will be in the
cloud within the next 5 to 10 years
43%
In the next 5years , hybrid clouds are
expected to represent 43% of the market
higher than both public and private.
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Cloud Types
Cloud Models
Adv And DisAdv
L loud istory
Cloud Computing What we store in the Cloud Today ?
By 2016 the Asia-Pacific market is expected to account for
1.5 Zb of global cloud computing usage.
Notes &
Research
Music Address
Book
Calendars Business
Docs
Emails Photo
43
%
43
%
44
%
48
%
66
%
70
%
75
%
According to a survey by Endurance
International Group, The following type
of data is most commonly stored on the
cloud,
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Cloud History
Cloud Models
Adv And DisAdv
Cloud Computing
Public, Private or Hybrid??
 In The “Cloud” infrastructure, platforms, software or processes are provided by
external IT services.
 There are some key point to consider when deciding which cloud is to be used:
To what extent
application that want to
move to the cloud are
essential for business.
Data protection
requirements.
Applications
Workloads.
Application integration
with other business
Function.
L loud Types
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Cloud History
Cloud Models
Adv And DisAdv
Cloud Computing Public CLOUD:
Data (text messages,
mails, documents …).
Metadata (origin, destination, text length,
time , call duration)
Applications, storage and other resources
are available through the service provider.
The public cloud is
usually maintained
and managed by a
service provider
unrelated to the
end customer.
Service Provider
Services applications and
storage is available to users
via internet, “as a service”,
usually with a pay per use
system.
L loud Types
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Cloud History
Cloud Models
Adv And DisAdv
Cloud Computing Public CLOUD (cont):
Reduces complexity and deadlines
because of its fixed structure
Provide less options For
security and Output
customization
Service Provider
The economy of scale that allows
the public cloud computing
technology makes it particularly
attractive
STABLE FOR
Companies that need to be in the market quickly.
Business subjected to less regulatory restriction.
Companies looking to outsource part or all of their IT requirements.
L loud Types
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Cloud History
Cloud Models
Adv And DisAdv
Cloud Computing Private CLOUD:
Company Servers
External Provider
Companies install
their own servers and
storage hardware's.
You can move workloads
between servers when
demand peaks occur or to
introduce new applications.
Unshared
resource
Increased
storage capacity:
Advanced security solutions high availability
and fault tolerance that have no place in the
public cloud.
Require a high level of commitment by both
the corporation and IT departments.
L loud Types
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Cloud History
Cloud Models
Adv And DisAdv
Cloud Computing Private CLOUD (cont):
STABLE FOR
Companies that must comply with strict regulation
Crucial applications for the company
L loud Types
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

PUBLIC PRIVATE
Images, Video,
documents,…
Account
Management
Payment
Services, …
Cloud History
Cloud Models
Adv And DisAdv
Cloud Computing ybrid CLOUD:
Cost advantages and scale of
public clouds, combined with the
superior control of private.
Usually, companies run an application
mainly in the private cloud while public
cloud is used to cover peak in demand.
Moderate initial
investment.
Platform scalability.
L loud Types
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing
S ervice Models are the reference models on which the Cloud Computing is based.
These can be categorized into three basic service models as listed below:
 Infrastructure as a Service (IaaS)
 Platform as a Service (PaaS)
 Software as a Service (SaaS)
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing I nfrastructure as a Service (IaaS)
 Usually billed based on usage
 Usually multi tenant virtualized environment
 Can be coupled with Managed Services for OS and application support
IaaS is a model where service providers offer pools of abstract IT
infrastructure resources
 servers, storage, and network component,…
 pay-per-usage model
The service provider owns the equipment and is responsible for
housing, cooling, operation and maintenanceProposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing I nfrastructure as a Service (IaaS)- (cont)
IaaS Examples:
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing I latform as a Service (PaaS)- (cont)
 PaaS provides the runtime environment for applications, development & deployment
tools, etc.
 PaaS provides all of the facilities required to support the complete life cycle of
building and delivering web applications and services entirely from the Internet.
 Typically applications must be developed with a particular platform in mind
 Multi tenant environments
 Highly scalable multi tier architecture
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing I latform as a Service (PaaS)- (cont)
PaaS Examples:
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing I oftware as a Service (SaaS)
SaaS model allows to use software applications as a service to end
users.
SaaS is a software delivery methodology that provides licensed
multi-tenant access to software and its functions remotely as a
Web-based service.
 Usually billed based on usage
 Usually multi tenant environment
 Highly scalable architecture
The Future of Application in the cloud
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing
Saas Examples:
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References
I ervice as a Service (SaaS)

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References
Application
Data
Runtime
Middleware
O/S
Virtualization
Servers
Storage
Networking
Application
Data
Runtime
Middleware
O/S
Virtualization
Servers
Storage
Networking
Application
Data
Runtime
Middleware
O/S
Virtualization
Servers
Storage
Networking
PaaS
IaaS
hostBuildConsume
ManagebyServiceProvider
ManagebyClient

L loud Models
Cloud History
Cloud Types
Adv And DisAdv
Cloud Computing
PaaS:
Rapid development at low cost.
Private or Public deployment
Limits developers to provider languages and tools
SaaS:
Free or paid via subscription
Accessible from any computer
Facilitates collaborative working
Generic applications not always suitable for business use…
Pros and Cons
Proposed Model
Cloud Intrusion
Article Introduce
Conclusion
Ignite
References

Almost limitless storage
500,000 x more capacity
Adv and DisAdv
Cloud History
Cloud Types
Cloud Models
Cloud Intrusion
Cloud Computing
Disadvantage of CLOUD Advantage of CLOUD
Sporadic Batch Computing
Disaster Recovery
Performance
Transparency
Service
Industry ratio for staff-to-customers
Is 3:500
Proposed Model
Article Introduce
Conclusion
Ignite
References

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
A rticle introduce
A n Efficient Cloud Network Intrusion Detection System
© Springer India 2015
J.K. Mandal et al. (eds.), Information Systems Design and
Intelligent Applications,
Advances in Intelligent Systems and Computing 339,
DOI 10.1007/978-81-322-2250-7_10
P. Ghosh (&) A.K. Mandal R. Kumar
Information Technology, Netaji Subhash Engineering College, Kolkata, India
e-mail: partha1812@gmail.com
A.K. Mandal
e-mail: abhaynsecit@gmail.com
R. Kumar
e-mail: kumar.rupesh708@gmail.comCloud Intrusion
Proposed Model
Conclusion
Ignite
References

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
C loud I ntrusion
Article Introduce
 With the enormous use of Cloud, the probability of occurring
intrusion also increases.
 Intrusion Detection System (IDS) is a stronger strategy to provide
security.
 In the paper, they have proposed an efficient, fast and secure IDS
with the collaboration of:
 Multi-threaded Network Intrusion Detection System (NIDS),
 And Host Intrusion Detection System (HIDS).
Proposed Model
Conclusion
Ignite
References
What is Problem?

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
C loud I ntrusion
Article Introduce  Analysis of packets is done using:
 K-Nearest Neighbor
 And Neural Network (KNN-NN) hybrid classifier.
 After getting the report from the Cloud-IDS:
 Cloud Service Provider (CSP) will generate an alert for the user as well as
maintain a loglist for storing the malicious IP addresses.
 In the Intrusion Detection system,
 Cloud-IDS capture packets from Network,
 Analyze them,
 And send reports to the Cloud Administrator on the basis of analysis.
Proposed Model
Conclusion
Ignite
References

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
C loud I ntrusion
Article Introduce
Proposed Model
Fig. 1: Intrusion detection system in cloud environment
Conclusion
Ignite
References

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
Article Introduce
Proposed M odel
Cloud Intrusion
 The Multi-threaded NIDS model for Cloud environment is basically based on three
modules
 Capture and Query module,
 Analysis module,
 And Reporting module.
Conclusion
Ignite
References
P roposed Model - cont:
 In proposed model, network maintenance or monitoring device called NIDS that used at
the bottleneck position of the network.
 In this model, for intrusion detection, they have used multi-threaded NIDS to monitor
the requests send by the user.
 To overcome the large network traffic.
 and for easy process.

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
Article Introduce
Proposed M odel
Cloud Intrusion
Fig. 2:Flowchart of multithreaded cloud IDS
Conclusion
Ignite
References

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
Article Introduce
Proposed M odel
Cloud Intrusion
Fig. 3 Flowchart of IDS using KNN-NN classifier
Conclusion
Ignite
References

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
Article Introduce
R eferences:
R eferences
Cloud Intrusion
Proposed Model
Conclusion
Ignite
 Mittal, R., Soni, K.: Analysis of cloud computing architectures. Int. J. Adv. Res.
Comput. Commun. Eng. 2, 2087–2091 (2013)
 Partha, G., Abhay, ,K.and Rupesh Kumar: An Efficient Cloud Network Intrusion
Detection System. Springer, Indea, 2015.
 http:Wikipeda.com, last visited 11/8/2015.
 http://virtualization.itpro.ir, last visited 11/7/2015.

Thank You!
Mohammad Sadegh Salehi S.Salehi@shbu.ac.ir

Mohammad Sadegh Salehi S.Salehi@shbu.ac.ir
‫علی‬ ‫امام‬(‫السالم‬ ‫علیه‬:)
ْ‫ن‬ِ‫م‬ ‫ُم‬‫ک‬ْ‫ی‬َ‫ل‬َ‫ع‬ ُ‫ب‬َ‫ج‬‫أو‬ ِ‫م‬ْ‫ل‬ِ‫ع‬‫ال‬ َ‫ب‬َ‫ل‬َ‫ط‬ َّ‫ن‬‫َإ‬‫و‬ ‫أال‬ ،ِ‫ه‬ِ‫ب‬ ُ‫ل‬َ‫م‬َ‫ع‬‫َال‬‫و‬ ِ‫م‬ْ‫ل‬ِ‫ع‬‫ال‬ ُ‫ب‬َ‫ل‬َ‫ط‬ ِ‫ن‬‫ّی‬‫د‬‫ال‬ َ‫ل‬‫َما‬‫ک‬ َّ‫ن‬‫أ‬ ‫ُوا‬‫م‬َ‫ل‬‫اع‬ ُ‫س‬‫ّا‬‫ن‬‫ال‬ ‫َا‬‫ه‬ُّ‫ی‬‫أ‬َ‫ط‬ِ‫ل‬‫الما‬ ِ‫ب‬َ‫ل‬.
،‫دین‬ ‫کمال‬ ‫که‬ ‫بدانید‬ ‫مردم‬ ‫ای‬‫دانش‬ ‫کسب‬‫شم‬ ‫بر‬ ‫اندوزی‬‫مال‬ ‫از‬ ‫اندوزی‬‫دانش‬ ‫که‬ ‫باشید‬ ‫آگاه‬ ‫و‬ ‫است‬ ‫آن‬ ‫به‬ ‫عمل‬ ‫و‬‫ا‬
‫است‬ ‫تر‬‫واجب‬.
Surely, the completion of one’s faith lies in seeking knowledge and putting it into practice, and know that
seeking knowledge is more necessary for you than amassing wealth.
Imam Ali
‫ج‬ ،‫کافی‬1‫ص‬ ،30

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
Article Introduce
I gnite
Cloud Intrusion
Proposed Model
Conclusion
References
Do you Use the Cloud?

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
Article Introduce
Conclusion
C onclusion
Cloud Intrusion
Fig. 5 Detection accuracy
Proposed Model
Ignite
References

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
Article Introduce
Proposed M odel
Cloud Intrusion
Fig. 4 Intrusion based task of administrator
Conclusion
Resource
Ignite
References

Cloud History
Cloud Types
Cloud Models
Adv And Disadv
Cloud Computing
Article Introduce
Proposed M odel
Cloud Intrusion
 In proposed model, network maintenance or monitoring device called NIDS.
 NIDS used at the bottleneck position of the network.
 In this model, for intrusion detection, they have used multi-threaded NIDS to
monitor the requests send by the user.
 To overcome the large network traffic.
 and for easy process.
Conclusion
Ignite
References
P roposed Model:

Cloud intrusion detection System

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

En vedette

En vedette (9)

Similaire à Cloud intrusion detection System

Similaire à Cloud intrusion detection System (20)

Plus de sadegh salehi

Plus de sadegh salehi (8)

Dernier

Dernier (20)

Cloud intrusion detection System