Detection and prevention of criminal attacks in cloud computing using a hybrid intrusion detection systems

Abstract

In this paper, we provide a cloud based Hybrid Intrusion Detection and Prevention System using signature based method and Genetic Algorithm to defeat DDOS/DOS attacks attempting to compromise the three security goals known as “CIA” or Confidentiality (C), Integrity (I) and Availability (A) of cloud services and resources. We apply Snort-IDS with a combination of Splunk web framework (tool for visualization) to detect and prevent DDOS/DOS attacks based on signature rules. Moreover, to be able to mitigate known/unknown cloud attacks, anomaly detection approach is built using Genetic Algorithm. We deeply analyse, explore the existing Snort-IDS rules for DDOS/DOS attacks, and provide some improvement on the evaluated Snort-IDS rules. Through the analysis of the experimental results, we conclude that our approach could be incorporated in cloud service models to reduce these attacks.