In a public cloud computing environment, consumers cannot always just depend on the cloud provider’s security infrastructure. They may need to monitor and protect their virtual existence by implementing their own intrusion detection capabilities along with other security technologies within the cloud fabric. Also, cloud consumers may want to collect network traffic and log them for further analysis. This can help them in writing tailor-made attacking scenarios specifically designed based on the nature of the application they want to protect. Furthermore, consumers’ applications can be distributed among different regions of the cloud or in non-cloud locations. The need to protect all these assets from a centralized location is fundamental to many cloud consumers.
We provide a framework and implementation for an intrusion detection system that is suitable for the public cloud environment. The Intrusion Detection as a Service (IDSaaS) targets security of the infrastructure level for a public cloud (IaaS) by providing intrusion detection technology that is highly elastic, portable and fully controlled by the cloud consumer. These features allow cloud consumers to protect their cloud-based applications from security threats and unauthorized intruders. We developed a proof-of-concept prototype on Amazon EC2 cloud and performed different experiments to evaluate its performance. After examining the experimental results, we found that IDSaaS can provide the required protection in a reasonable and effective manner. / Thesis (Master, Computing) -- Queen's University, 2013-01-10 08:29:23.136
Identifer | oai:union.ndltd.org:LACETR/oai:collectionscanada.gc.ca:OKQ.1974/7740 |
Date | 11 January 2013 |
Creators | Alharkan, TURKI |
Contributors | Queen's University (Kingston, Ont.). Theses (Queen's University (Kingston, Ont.)) |
Source Sets | Library and Archives Canada ETDs Repository / Centre d'archives des thèses électroniques de Bibliothèque et Archives Canada |
Language | English, English |
Detected Language | English |
Type | Thesis |
Rights | This publication is made available by the authority of the copyright owner solely for the purpose of private study and research and may not be copied or reproduced except as permitted by the copyright laws without written authority from the copyright owner. |
Relation | Canadian theses |
Page generated in 0.0019 seconds