{"title":"A distributed intrusion detection model based on cloud theory","authors":"Han Li, Qiuxin Wu","doi":"10.1109/CCIS.2012.6664443","DOIUrl":null,"url":null,"abstract":"Cloud computing is defined as the storage, management, processing, and accessing information and other data stored in a specific server. With the advent of internet, intrusion attacks have gained sophistication over the time. Distributed attacks could not be detected by the present available intrusion detection system. In this case, we propose a distributed intrusion detection model based on Cloud theory. Our model is composed by Intrusion Detection Agent subsystem and Data Aggregation subsystem. Intrusion Detection Agent subsystem has three parts: data collection module, Cloud decision-making module and communication module. An intrusion detection algorithm based on Cloud theory was proposed to detect intrusion behavior and improve the detection ability to complicated intrusion. Followed by our model, we introduced a strategy to defend DDoS attack using the elastic properties of cloud platform.","PeriodicalId":392558,"journal":{"name":"2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems","volume":"128 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCIS.2012.6664443","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 7
Abstract
Cloud computing is defined as the storage, management, processing, and accessing of information and other data stored on a specific server. With the advent of the internet, intrusion attacks have gained sophistication over time. Distributed attacks cannot be detected by currently available intrusion detection systems. To address this, we propose a distributed intrusion detection model based on Cloud theory. Our model is composed of an Intrusion Detection Agent subsystem and a Data Aggregation subsystem. The Intrusion Detection Agent subsystem has three parts: a data collection module, a Cloud decision-making module and a communication module. An intrusion detection algorithm based on Cloud theory is proposed to detect intrusion behavior and improve the ability to detect complicated intrusions. Following our model, we introduce a strategy to defend against DDoS attacks using the elastic properties of the cloud platform.