An intrusion detection and prevention system in cloud computing: A systematic review

Journal of Network and Computer Applications

Volumn 36, Issue 1, 2013, Pages 25-41

  Patel, Ahmed ^a,b   Taghavi, Mona ^a   Bakhtiyari, Kaveh ^a   Celestino Júnior, Joaquim ^c  

^a UNIVERSITI KEBANGSAAN MALAYSIA   (Malaysia)

^b KINGSTON UNIVERSITY   (United Kingdom)

^c STATE UNIVERSITY OF CEARÁ   (Brazil)

Author keywords

Alarm correlation; Cloud computing; Intrusion detection and prevention; System requirements; Taxonomy

Indexed keywords

ALARM CORRELATION; ALARM MANAGEMENT; AUTONOMIC COMPUTING; COMPUTING ENVIRONMENTS; COMPUTING SYSTEM; CYBER-ATTACKS; FUZZY THEORY; INTRUSION DETECTION AND PREVENTION; INTRUSION DETECTION AND PREVENTION SYSTEMS; OPEN STRUCTURE; SELF MANAGEMENT; SYSTEM REQUIREMENTS; SYSTEMATIC REVIEW;

CLOUD COMPUTING; COMPUTER CRIME; INTRUSION DETECTION; RISK MANAGEMENT; TAXONOMIES;

COMPUTER SYSTEMS;

EID: 84870667876     PISSN: 10848045     EISSN: 10958592     Source Type: Journal    
DOI: 10.1016/j.jnca.2012.08.007     Document Type: Review

References (91)

1. S Al-Mamory, and H Zhang New data mining technique to enhance IDS alarms quality Journal in Computer Virology 6 2010 43 55
2. NB Anuar, H Sallehudin, A Gan, and O Zakari Identifying false alarm for network intrusion detection system using data mining and decision tree Malaysian Journal of Computer Science 21 2008 101 115
3. J Arshad, P Townend, and J Xu A novel intrusion severity analysis approach for Clouds Future Generation Computer Systems 2012
4. O. Awodele, S Idowu, O Anjorin, and VJ Joshua A multi-layered approach to the design of intelligent intrusion detection and prevention system (IIDPS) Issues in Informing Science and Information Technology 6 2009
5. S Axelsson Intrusion Detection Systems: A Taxonomy and Survey. Technical Report No 99-15, Department of Computer Engineering 2000 Chalmers University of Technology Sweden
6. F Azmandian, M Moffie, M Alshawabkeh, J Dy, J Aslam, and D Kaeli Virtual machine monitor-based lightweight intrusion detection SIGOPS - Operating Systems Review 45 2011 38 53
7. Beale J, AR Baker,B Caswell, and M Poor, Snort 2.1 Intrusion Detection, ed.: Syngress Media Inc, 2004, p. 25
8. PG Bringas, and YK Penya Next-generation misuse and anomaly prevention system Enterprise Information Systems 19 2009 117 129
9. PG Bringas, and YK Penya J Filipe, J Cordeiro, Next-Generation Misuse and Anomaly Prevention System Enterprise Information Systems 19 2009 Springer Berlin Heidelberg 117 129
10. A Byrski, and M Carvalho M Bubak, G van Albada, J Dongarra, P Sloot, Agent-Based Immunological Intrusion Detection System for Mobile Ad-Hoc Networks Computational Science - ICCS 2008 5103 2008 Springer Berlin/Heidelberg 584 593
11. G Carl, G Kesidis, RR Brooks, and S Rai Denial-of-service attack-detection techniques Internet Computing, IEEE, 10 2006 82 89
12. O Castillo Type-2 Fuzzy Logic in Intelligent Control Applications, in Type-2 Fuzzy Logic 2012 Springer Berlin/ Heidelberg pp. 7-22.
13. V Chandola, A Banerjee, and V Kumar Anomaly detection: a survey ACM Computing Surveys 41 2009 1 58
14. M Chen, T Kwon, Y Yuan, and V Leung Mobile agent based wireless sensor networks Journal of Computers 1 2006 14 21
15. K.-KR Choo The cyber threat landscape: challenges and future research directions Computers & Security 30 2011 719 731
16. O Chung-Ming Host-based intrusion detection systems adapted from agent-based artificial immune systems Neurocomputing 2012
17. Cloud-Security-Alliance. (2010). Top Threats to Cloud Computing V1.0. Available: 〈https://cloudsecurityalliance.org/topthreats/csathreats.v1.0. pdf〉
18. Dastjerdi AV, KA Bakar, and SGH Tabatabaei, Distributed intrusion detection in clouds using mobile agents, in Third International Conference on Advanced Engineering Computing and Applications in Sciences, Sliema. pp. 175-180, 2009.
19. Dhage S, B Meshram, R Rawat, S Padawe, M Paingaokar, and A Misra, Intrusion detection system in cloud computing environment, in International Conference & Workshop on Emerging Trends in Technology, New York, NY, USA pp. 235-9, 2011.
20. HT Elshoush, and IM Osman Alert correlation in collaborative intelligent intrusion detection systems - a survey Applied Soft Computing 11 2011 4349 4365
21. JM Estevez-Tapiador, P Garcia-Teodoro, and JE Diaz-Verdejo Anomaly detection methods in wired networks: a survey and taxonomy Computer Communications 27 2004 1569 1584
22. Foster I, Y Zhao, I Raicu, and S Lu, Cloud computing and grid computing 360-degree compared, in Grid Computing Environments Workshop, 2008. GCE '08 Austin, TX. pp. 1-10, 2008
23. Gaffney JEJr and JW Ulvila, Evaluation of intrusion detectors: a decision theory approach, in IEEE Symposium on Security and Privacy, 2001. S&P 2001, Oakland, CA, USA. pp. 50-61, 2001.
24. Galante J., O Kharif, and P Alpeyev (2011, May 17, 2011). Sony Network Breach Shows Amazon Cloud's Appeal for Hackers. Available: 〈http://www. bloomberg.com/news/2011-05-15/sony-attack-shows-amazon-s-cloud-service-lures- hackers-at-pennies-an-hour.html〉
25. P García-Teodoro, J Díaz-Verdejo, G Maciá- Fernández, and E Vázquez Anomaly-based network intrusion detection: techniques, systems and challenges Computers & Security 28 2009 18 28
26. B Grobauer, T Walloschek, and E Stocker Understanding cloud computing vulnerabilities Security & Privacy, IEEE 9 2011 50 57
27. Gunasekaran S., Comparison of network intrusion detection systems in cloud computing environment, in international conference on computer communication and informatics (ICCCI), Coimbatore, pp. 1-6, 2012.
28. N Gustavo, and C Miguel Anomaly-based intrusion detection in software as a service Dependable Systems and Networks Workshops 2011 19 24
29. Á Herrero, and E Corchado A Abraham, A-E Hassanien, A de Carvalho, Mining Network Traffic Data for Attacks through MOVICAB-IDS Foundations of Computational Intelligence 4 204 2009 Springer Berlin/ Heidelberg 377 394
30. XD Hoang, J Hu, and P Bertok A program-based anomaly intrusion detection scheme using multiple detection engines and fuzzy inference Journal of Network and Computer Applications 32 2009 1219 1228
31. K Hwang, M Cai, Y Chen, and M Qin Hybrid intrusion detection with weighted signature generation over anomalous internet episodes Dependable and Secure Computing, IEEE Transactions on 4 2007 41 55
32. A Jaiswal, and S Jain Database intrusion prevention cum detection system with appropriate response International Journal of Information Technology 2 2010 651 656
33. H Jin, G Xiang, D Zou, S Wu, F Zhao, M Li, and W Zheng A VMM-based intrusion prevention system in cloud computing environment The Journal of Supercomputing 2011 1 19
34. P Kazienko, and P Dorosz Intrusion Detection Systems Windowsecurity 2004
35. F Kerschbaum, EH Spafford, and D Zamboni Using internal sensors and embedded detectors for intrusion detection Journal of Computer Security 10 2002 23 70
36. Klüft S, Alarm management for intrusion detection systems - prioritizing and presenting alarms from intrusion detection systems, Master, Computer Science Programme, master of science thesis, University of Gothenburg, 〈http://hdl.handle.net/2077/28856〉, 2012.
37. S Khanum, M Usman, and A Alwabel Mobile agent based hierarchical intrusion detection system in wireless sensor networks International Journal of Computer Science Issues, IJCSI 9 2012
38. Kholidy HA and F. Baiardi, CIDS: a Framework for Intrusion Detection in Cloud Systems, in Ninth International Conference on Information Technology: New Generations (ITNG), Las Vegas, NV, pp. 379-5, 2012.
39. MT Khorshed, ABMS Ali, and SA Wasimi A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing Future Generation Computer Systems 28 2012 833 851
40. JM Kizza System intrusion detection and prevention JM Kizza, A Guide to Computer Network Security 2009 Springer London 273 298
41. Lee JH, MW Park, JH Eom, and TM Chung, Multi-level Intrusion Detection System and log management in Cloud Computing, in 13th international conference on advanced communication technology (ICACT), Seoul, pp. 552-5, 2011.
42. Lee JH, MW Park, JH Eom, and TM Chung, Multi-level intrusion detection system and log management in cloud computing, 13th international conference on advanced communication technology (ICACT), pp. 552-5, 2011.
43. Leitner M, Leitner P, Zach M, Collins S, Fahy C, Fault management based on peer-to-peer paradigms; a case study report from the celtic project madeira, in 10th IFIP/IEEE International Symposium on Integrated Network Management, pp. 697-700, 2007.
44. G Liang, T Li, J Ni, Y. Jiang, J Yang, and X Gong An immunity-based dynamic multilayer intrusion detection system D-S Huang, K Li, G Irwin, Computational Intelligence and Bioinformatics 4115 2006 Springer Berlin Heidelberg 641 650
45. R. Lippmann, S Webster, and D Stetson The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection A Wespi, G Vigna, L Deri, Recent Advances in Intrusion Detection 2516 2002 Springer Berlin/ Heidelberg 307 326
46. Y Li, C Jing, and J Xu K Li, M Fei, L Jia, G Irwin, A New Distributed Intrusion Detection Method Based on Immune Mobile Agent Life System Modeling and Intelligent Computing 6328 2010 Springer Berlin/Heidelberg 233 243
47. W Li, and S Tian An ontology-based intrusion alerts correlation system Expert Systems with Applications 37 2010 7138 7146
48. F Maggi, M Matteucci, and S Zanero Reducing false positives in anomaly detectors through fuzzy alert aggregation Information Fusion 10 2009 300 311
49. N Mansour, M Chehab, and A Faour Filtering intrusion detection alarms Cluster Computing 13 2010 19 29
50. Martínez CA, Echeverri GI, and Sanz AGC, Malware detection based on cloud computing integrating intrusion ontology representation, in IEEE Latin-American Conference on Communications (LATINCOM), Bogota, pp. 1-6, 2010.
51. MM Masud, TM Al-Khateeb, KW Hamlen, J Gao, L Khan, J Han, and B Thuraisingham Cloud-based malware detection for evolving data streams ACM Transactions Management Information Systems 2 2008 1 27
52. AP Moore, DM Cappelli, and RF Trzeciak The Big Picture of insider it sabotage across U.S. critical infrastructures S J Stolfo, SM Bellovin, AD Keromytis, S Hershkop, SW Smith, S Sinclair, Insider Attack and Cyber Security 39 2008 Springer US 17 52
53. GM Nazer, and AAL Selvakumar Current intrusion detection techniques in information technology - a detailed analysis European Journal of Scientific Research 65 2011 611 624
54. A Patcha, and J-M Park An overview of anomaly detection techniques: existing solutions and latest technological trends Computer Networks 51 2007 3448 3470
55. Patel A, Qassim Q, Shukor Z, Nogueira J, Júnior J, Wills C, Autonomic agent-based self-managed intrusion detection and prevention system, in South African information security multi-conference (SAISMC 2010), Port Elizabeth, South Africa, pp. 223-24, 2009.
56. A Patel, Q Qassim, and C Wills A survey of intrusion detection and prevention systems Information Management and Computer Security 18 2010 277 290
57. R Perdisci, G Giacinto, and F Roli Alarm clustering for intrusion detection systems in computer networks Engineering Applications of Artificial Intelligence 19 2006 429 438
58. T Pietraszek, and A Tanner Data mining and machine learning - towards reducing false positives in intrusion detection Information Security Technical Report 10 2005 169 183
59. A Rasoulifard, A Ghaemi Bafghi, and M Kahani Incremental hybrid intrusion detection using ensemble of weak classifiers H Sarbazi-Azad, B Parhami, S-G Miremadi, S Hessabi, Advances in Computer Science and Engineering 6 2009 Springer Berlin Heidelberg 577 584
60. Roschke S, F Cheng, and C Meinel, Intrusion detection in the Cloud, presented at the Eighth IEEE international conference on dependable, autonomic and secure computing, pp. 729-34, 2009.
61. K Scarfone, and P Mell Guide to Intrusion Detection and Prevention Systems (idps) Special Publication 800 2007 NIST p. 94
62. L Schubert, K Jeffery, and B Neidecker-Lutz The future for cloud computing: opportunities for european cloud computing beyond Expert Group Report, Public Version1, European Commission 2010 2010
63. A Shabtai, Y Fledel, U Kanonov, Y Elovici, S Dolev, and C Glezer Google android: a comprehensive security assessment Secur. Privacy IEEE 8 2010 35 44
64. T Sharma, and K Sinha Intrusion detection systems technology International Journal of Engineering and Advanced Technology (IJEAT) 1 2011 28 33
65. T Shon, X Kovah, and J Moon Applying genetic algorithm for classifying anomalous TCP/IP packets Neurocomputing 69 2006 2429 2433
66. M-L Shyu, and V Sainani A multiagent-based intrusion detection system with the support of multi-class supervised classification L Cao, Data Mining and Multi-agent Integration 2009 Springer US 127 142
67. A. Smith, and N Johnson A smart sensor to detect the falls of the elderly Pervasive Computing, IEEE 3 2004 42 47
68. Smith D, Q Guan, and S Fu, An Anomaly Detection Framework for Autonomic Management of Compute Cloud Systems, 34th Annual Computer Software and Applications Conference Workshops (COMPSACW), Seoul, pp. 376-1, 2010.
69. GP Spathoulas, and SK Katsikas Reducing false positives in intrusion detection systems Computers & Security 29 2010 35 44
70. T Sproull, and J Lockwood Distributed instrusion prevention in active and extensible networks active networks G Minden, K Calvert, M Solarski, M Yamamoto, Lecture Notes in Computer Science 3912 2007 Springer Berlin/Heidelberg 54 65
71. S Subashini, and V Kavitha A survey on security issues in service delivery models of cloud computing Journal of Network and Computer Applications 34 2011 1 11
72. M-Y Su, G-J Yu, and C-Y Lin A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach Computers & Security 28 2009 301 309
73. BK Sy Integrating intrusion alert information to aid forensic explanation: an analytical intrusion detection framework for distributive IDS Inf. Fusion 10 2009 325 341
74. Takahashi T, Y Kadobayashi, and H Fujiwara, Ontological approach toward cybersecurity in cloud computing, presented at the Proceedings of the 3rd international conference on Security of information and networks, Taganrog, Rostov-on-Don, Russian Federation, 2010.
75. G Thatte, U Mitra, and J Heidemann Parametric methods for anomaly detection in aggregate traffic, IEEE/ACM Transactions on Networking (TON) 19 2011 512 525
76. GC Tjhai, SM Furnell, M Papadaki, and NL Clarke A preliminary two-stage alarm correlation and filtering system using SOM neural network and K-means algorithm Computers & Security 29 2010 712 723
77. U Topaloglu, and C Bayrak Secure mobile agent execution in virtual environment Autonomous Agents and Multi-Agent Systems 16 2008 1 12
78. Tupakula U, V Varadharajan, and N Akku, Intrusion Detection Techniques for Infrastructure as a Service Cloud, IEEE International Conference on Dependable, Autonomic and Secure Computing pp. 744-1, 2011.
79. J Viega Cloud computing and the common man Computer 42 2009 106 108
80. K Vieira, A Schulter, and C Westphall Ntrusion detection for grid and cloud computing IT Professional 12 2010 38 43
81. C Vincent Zhou, C Leckie, and S Karunasekera Decentralized multi-dimensional alert correlation for collaborative intrusion detection Journal of Network and Computer Applications 32 2009 1106 1123
82. Wang C, Q Wang, K Ren, and W Lou, Ensuring data storage security in cloud computing, in 17th International Workshop on Quality of Service, 2009. IWQoS, Charleston, SC. pp. 1-9, 2009
83. ME Whitman, and HJ Mattord Principles of Information Security, ed.: Course Technology Ptr 2011 315
84. SX Wu, and W Banzhaf The use of computational intelligence in intrusion detection systems: a review Applied Soft Computing 10 2010 1 35
85. M Xie, S Han, B Tian, and S Parvin Anomaly detection in wireless sensor networks: a survey Journal of Network and Computer Applications 34 2011 1302 1325
86. Xin W, H Ting-lei, and L Xiao-yu, Research on the Intrusion detection mechanism based on cloud computing, in 2010 International Conference on Intelligent Computing and Integrated Systems (ICISS), Guilin, pp. 125-8, 2010.
87. D Xu, and P Ning Correlation analysis of intrusion alerts Intrusion Detection Systems 38 2008 Springer US 65-92
88. WT Yue, and M Çakanyldrm A cost-based analysis of intrusion detection system configuration under active or passive response Decision Support System 50 2010 21 31
89. Zargar ST, H Takabi, and JBD Joshi, Dcdidp: a distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments, in International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Orlando, Florida, 2011.
90. J Zeng, T Li, G Li, and H Li A new intrusion detection method based on antibody concentration emerging intelligent computing technology and applications D-S Huang, K-H Jo, H-H Lee, H-J Kang, V Bevilacqua, With Aspects of Artificial Intelligence 5755 2009 Springer Berlin/ Heidelberg 500 509
91. CV Zhou, C Leckie, and S Karunasekera A survey of coordinated attacks and collaborative intrusion detection Computers & Security 29 2010 124 140