Till all are one: Towards a unified cloud IDS

Abstract

Recently there is a trend to use cloud computing on service deployment, enjoying various advantages that it offers with emphasis on the economy which is achieved in the era of the financial crisis. However, along with the transformation of technology, several security issues are raised and especially the threat of malicious insiders. For instance, insiders can use their privileged position to accomplish an attack against the cloud infrastructure. In this paper we introduce a practical and efficient intrusion detection system solution for cloud based on the advantages of CUDA technology. The proposed solution audits the deployed virtual machines operation, and correlates the collected information to detect uncommon behavior based on Smith-Waterman algorithm. To do so, we collect the system calls of cloud virtual machines and compare them with pre-defined attack signatures. We implement the core of the detection module both sequentially and in parallel on CUDA technology. We evaluate our solution on experimental CUDA enabled cloud system in terms of performance using well known attack patterns. Results indicate that our approach improve highly the efficiency of detection in terms of processing time compared to a sequential implementation.