Integration of network intrusion detection systems and honeypot networks for cloud security

2017 International Conference on Computing, Communication and Automation (ICCCA) Pub Date : 2017-05-01 DOI:10.1109/CCAA.2017.8229911

Varan Mahajan, S. K. Peddoju

{"title":"Integration of network intrusion detection systems and honeypot networks for cloud security","authors":"Varan Mahajan, S. K. Peddoju","doi":"10.1109/CCAA.2017.8229911","DOIUrl":null,"url":null,"abstract":"With an aim of provisioning fast, reliable and low cost services to the users, the cloud-computing technology has progressed leaps and bounds. But, adjacent to its development is ever increasing ability of malicious users to compromise its security from outside as well as inside. The Network Intrusion Detection System (NIDS) techniques has gone a long way in detection of known and unknown attacks. The methods of detection of intrusion and deployment of NIDS in cloud environment are dependent on the type of services being rendered by the cloud. It is also important that the cloud administrator is able to determine the malicious intensions of the attackers and various methods of attack. In this paper, we carry out the integration of NIDS module and Honeypot Networks in Cloud environment with objective to mitigate the known and unknown attacks. We also propose method to generate and update signatures from information derived from the proposed integrated model. Using sandboxing environment, we perform dynamic malware analysis of binaries to derive conclusive evidence of malicious attacks.","PeriodicalId":6627,"journal":{"name":"2017 International Conference on Computing, Communication and Automation (ICCCA)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Computing, Communication and Automation (ICCCA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CCAA.2017.8229911","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

With an aim of provisioning fast, reliable and low cost services to the users, the cloud-computing technology has progressed leaps and bounds. But, adjacent to its development is ever increasing ability of malicious users to compromise its security from outside as well as inside. The Network Intrusion Detection System (NIDS) techniques has gone a long way in detection of known and unknown attacks. The methods of detection of intrusion and deployment of NIDS in cloud environment are dependent on the type of services being rendered by the cloud. It is also important that the cloud administrator is able to determine the malicious intensions of the attackers and various methods of attack. In this paper, we carry out the integration of NIDS module and Honeypot Networks in Cloud environment with objective to mitigate the known and unknown attacks. We also propose method to generate and update signatures from information derived from the proposed integrated model. Using sandboxing environment, we perform dynamic malware analysis of binaries to derive conclusive evidence of malicious attacks.

查看原文本刊更多论文

融合网络入侵检测系统和蜜罐网络，实现云安全

为了向用户提供快速、可靠、低成本的服务，云计算技术得到了突飞猛进的发展。但是，与其发展相伴随的是恶意用户从外部和内部破坏其安全性的能力日益增强。网络入侵检测系统(NIDS)技术在检测已知和未知攻击方面取得了长足的进步。在云环境中检测入侵和部署NIDS的方法取决于云所提供的服务类型。云管理员能够确定攻击者的恶意意图和各种攻击方法也很重要。本文将NIDS模块与蜜罐网络在云环境下进行集成，目的是减轻已知和未知的攻击。我们还提出了一种从所提出的集成模型中获得的信息生成和更新签名的方法。利用沙盒环境，对二进制文件进行动态恶意软件分析，得出恶意攻击的确凿证据。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2017 International Conference on Computing, Communication and Automation (ICCCA)

自引率

0.00%

发文量