Azuan Ahmad, Wan Shafiuddin Zainudin, M. Kama, N. Idris, M. Saudi
{"title":"Cloud Co-Residency Denial of Service Threat Detection Inspired by Artificial Immune System","authors":"Azuan Ahmad, Wan Shafiuddin Zainudin, M. Kama, N. Idris, M. Saudi","doi":"10.1145/3299819.3299821","DOIUrl":null,"url":null,"abstract":"Cloud computing introduces concerns about data protection and intrusion detection mechanism. A review of the literature shows that there is still a lack of works on cloud IDS that focused on implementing real-time hybrid detections using Dendritic Cell algorithm (DCA) as a practical approach. In addition, there is also lack of specific threat detection built to detect intrusions targeting cloud computing environment where current implementations still using traditional open source or enterprise IDS to detect threats targeting cloud computing environment. Cloud implementations also introduce a new term, \"co-residency\" attack and lack of research focusing on detecting this type of attack. This research aims to provide a hybrid intrusion detection model for Cloud computing environment. For this purpose, a modified DCA is proposed in this research as the main detection algorithm in the new hybrid intrusion detection mechanism which works on Cloud Co-Residency Threat Detection (CCTD) that combines anomaly and misuse detection mechanism. This research also proposed a method in detecting co-residency attacks. In this paper the co-residency attack detection model was proposed and tested until satisfactory results were obtained with the datasets. The experiment was conducted in a controlled environment and conducted using custom generated co-residency denial of service attacks for testing the capability of the proposed model in detecting novel co-residency attacks. The results show that the proposed model was able to detect most of the types of attacks that conducted during the experiment. From the experiment, the CCTD model has been shown to improve DCA previously used to solve similar problem.","PeriodicalId":119217,"journal":{"name":"Artificial Intelligence and Cloud Computing Conference","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Artificial Intelligence and Cloud Computing Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3299819.3299821","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Cloud computing introduces concerns about data protection and intrusion detection mechanism. A review of the literature shows that there is still a lack of works on cloud IDS that focused on implementing real-time hybrid detections using Dendritic Cell algorithm (DCA) as a practical approach. In addition, there is also lack of specific threat detection built to detect intrusions targeting cloud computing environment where current implementations still using traditional open source or enterprise IDS to detect threats targeting cloud computing environment. Cloud implementations also introduce a new term, "co-residency" attack and lack of research focusing on detecting this type of attack. This research aims to provide a hybrid intrusion detection model for Cloud computing environment. For this purpose, a modified DCA is proposed in this research as the main detection algorithm in the new hybrid intrusion detection mechanism which works on Cloud Co-Residency Threat Detection (CCTD) that combines anomaly and misuse detection mechanism. This research also proposed a method in detecting co-residency attacks. In this paper the co-residency attack detection model was proposed and tested until satisfactory results were obtained with the datasets. The experiment was conducted in a controlled environment and conducted using custom generated co-residency denial of service attacks for testing the capability of the proposed model in detecting novel co-residency attacks. The results show that the proposed model was able to detect most of the types of attacks that conducted during the experiment. From the experiment, the CCTD model has been shown to improve DCA previously used to solve similar problem.