Multi-Level Intrusion Detection System and Log Management in Cloud Computing
Ibebuogu C.C Ph.D, Dr. Alphonsus Agbakwuru, Chinagorom Oluchi Maureen
Abstract
The aim of this project is to design a cloud based intrusion detection system that will help detect cyber-attack. Cloud computing is increasingly being used by many organizations and individual users for their computing activities; hence the increased susceptibility to threats of the cloud provided services and resources, and poor log management system of the large number of cloud logs. Existing intrusion systems use more resources than necessary while preventing threats, hence having reduced resources left to allocate to users, also they use the same intrusion detection system for all level of services available on the cloud environment, lastly they provide platform for users to monitor their activity logs but with limited control over submission of suspected threats. A model for the system was designed with the use of diagram, sequence diagram, activity diagram and collaboration diagram. The database of the system was designed using MySQL database running on Apache Server in order to simulate a central database and have direct connection with a cloud environment. A cloud environment was simulated using a web environment to enable testing of the system locally on the computer during the implementation process, using html, and PHP for the backend code. A multi-level intrusion detection and log management system in the cloud-computing environment was designed and developed to ensure and achieve effectiveness and efficiency of using cloud resources without causing a trade-off between them, and enable users monitor their logs efficiently thereby black listing suspected threat IP address. The simulated system made use of an intrusion detection system that uses minimum resources to enable verified cloud users to use the resource on the cloud without fear of threats or intrusion, after passing the different security levels and blocks unauthorized users from the cloud environment.
References
in International Journal of Computer Science Issues, Vol. 9, Issue 5.
Bace R., and Peter M. (2003).NIST Special Publication on Intrusion Detection Systems.
Debar H., M.Dacier and A.Wespi, Towards a Taxonomy of Intrusion Detection System, Intβl J.
Computer and Telecommunications Networking, vol. 31, no.9, pp. 805-822, 1999.
Enisa C. (2009).Cloud Computing Risk Assessment.
Jae Hyuk Jang (2010). Cisco, Cloud Computing: Drive Business Paradigm Shift.
Kemmerer, D., Vigna, G.: Intrusion Detection: A brief history and overview. Computer 35(4),
27- 30 (2002).
