Signature based semantic intrusion detection system on cloud

Abstract

Now a days, many enterprise applications are using cloud platform. Security is the most sensitive issue in cloud platform. Intrusion detection System is used to protect the Virtual machine from threats. This paper proposes Application level Signature based Semantic Intrusion Detection System, which concentrates on the application level to detect application specific attacks. A packet sniffer is placed between cloud user and Virtual cloud provider. The packets of various protocols are captured by packet sniffer and dispatch it to its corresponding parser. The parser translates a sequence of packets into protocol messages and dispatches the packet to the corresponding state machine which consists of message parsing grammar. The message parsing grammar analyses the messages and checks with the semantic rules. If any signature does not matches with the rule-base and found to be malicious. The IDS interpreter generates alert to the cloud provider. The Signature based semantic Intrusion Detection System reduces the false alarm rate. So, the accuracy of the detection rate gets increased.