Performance analysis and security based on intrusion detection and prevention systems in cloud data centers

Abstract

Intrusion Detection Systems allow detection of unwanted attempts accessing which can violate security policy, manipulation or disabling of computer systems through the Internet. IDS plays a vital role in securing cloud data centers. This paper introduces an analytical model based on embedded Markov chain to analyze the packet processing using Bro IDPS (Intrusion Detection Prevention System). In this paper, we combine the preventive and detective rules to find a trade-off between network performance and security. We focus on how to enhance the detection engine and to predict the attack signatures taking into account of average service time, packet loss and blocking probability.