Smart intrusion detection model for the cloud computing

Abstract

Nowadays, Cloud computing is turning into a major trend in the field of computer science. It is referred to as a new data hosting technology that became very popular lately thanks to the repayment of costs induced to companies. However, and since this concept is still in its first stages of use, many new security risks start to appear, making its huge benefits fade compared to the security risks it brings with it. This paper proposes a smart intrusion detection model that is based on the principle of collaboration between many IDSs (Intrusion detection systems). These IDSs are host based intrusion detection systems (HIDS) that are customized in order to support data mining and machine learning and we call them SHIDS (Smart host based intrusion detection systems). The SHIDS are deployed on the different virtual machines in the cloud to detect and protect against attacks targeting applications running on virtual machines by exchanging encrypted IDMEF alerts. This approach provides many benefits in terms of portability and costs. That being said, this paper will set forth the different architectures of intrusion detection systems in the cloud, provide a comparison between the major architectures, propose our intrusion detection architecture and validate it with an experiment using Open stack.