Preview

network intrusion detection

Better Essays
Open Document
Open Document
10618 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
network intrusion detection
IEEE TRANSACTIONSN ON DEPENDABLE AND SECURE COMPUTING VOL:10 NO:4 YEAR 2013

1

NICE: Network Intrusion Detection and Countermeasure
Selection in Virtual Network Systems
Chun-Jen Chung, Student Member, IEEE, Pankaj Khatkar, Student Member, IEEE, Tianyi Xing,
Jeongkeun Lee, Member, IEEE, and Dijiang Huang Senior Member, IEEE
Abstract—Cloud security is one of most important issues that has attracted a lot of research and development effort in past few years.
Particularly, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale
Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as multi-step exploitation, low frequency vulnerability scanning, and compromising identified vulnerable virtual machines as zombies, and finally DDoS attacks through the compromised zombies. Within the cloud system, especially the Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie exploration attacks is extremely difficult. This is because cloud users may install vulnerable applications on their virtual machines. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multi-phase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph based analytical models and reconfigurable virtual network-based countermeasures. The proposed framework leverages OpenFlow network programming APIs to build a monitor and control plane over distributed programmable virtual switches in order to significantly improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the efficiency and effectiveness of the proposed solution. Index Terms—Network Security, Cloud Computing, Intrusion Detection, Attack Graph, Zombie Detection.

!

1

I NTRODUCTION

R

ECENT studies have shown that users migrating to the cloud consider

You May Also Find These Documents Helpful

  • Satisfactory Essays

    c) Logical IDS: Network and workstation mechanisms that monitors network traffic and provide real-time alarms for network-based attacks Service Network.…

    • 1152 Words
    • 4 Pages
    Satisfactory Essays
  • Powerful Essays

    IS3110 U5L1

    • 912 Words
    • 4 Pages

    One of the most important first steps to risk management and implementing a security strategy is to identify all resources and hosts within the IT infrastructure. Once you identify the workstations and servers, you now must then find the threats and vulnerabilities found on these workstations and servers. Servers that support mission critical applications require security operations and management procedures to ensure C-I-A throughout. Servers that house customer privacy data or intellectual property require additional security controls to ensure the C-I-A of that data. This lab requires the students to identify threats and vulnerabilities found within the Workstation, LAN, and Systems/Applications Domains.…

    • 912 Words
    • 4 Pages
    Powerful Essays
  • Better Essays

    This guide is meant to describe best practices for the detection and prevention of denial of service attacks, such as the event that recently occurred at the university. It was determined that based on current security guidelines and current controls in place, the university was still severely vulnerable from an internal aspect and all identified gaps need to be addressed and resolved. Each control described below will provide a more in depth look at the overall strategy of how a network should be protected but still allow for the functionality that is required to maintain normal operations.…

    • 1279 Words
    • 6 Pages
    Better Essays
  • Good Essays

    Security attacks. A huge number of attacks are been made on cloud every day by malicious programs.…

    • 470 Words
    • 2 Pages
    Good Essays
  • Better Essays

    Hardware can be used to protect the network from outside threats. Intrusion detection systems (IDS) automate detection of threats and attack through traffic analysis. Cisco’s IDS “delivers a comprehensive, pervasive security solution for combating unauthorized intrusions, malicious Internet worms, along with bandwidth and e-Business application attacks” (Cisco Systems, 2007, Cisco Intrusion Detection). They take this one-step further with an intrusion prevention systems (IPS). IPS shifts the focus on the attacker, not the attack itself, by increasing the accuracy of threat prevention through global threat analysis (Cisco Systems, 2012, Intrusion Prevention System with Global Correlation). The Cisco Adaptive Security Appliances (ASA) “combines the industry 's most deployed stateful inspection firewall with…

    • 890 Words
    • 4 Pages
    Better Essays
  • Better Essays

    Cloud computing is a fast growing information technology trend that many companies including Google, Microsoft, and IBM are currently looking to get a stake in as demand for the service grows. Cloud computing is the concept of allowing both individuals and businesses to store data and applications on remote servers (owned and operated by a third party company), rather than on their own hard drives and data centers. The service boasts the ability to securely access data and applications from just about any device with an internet connection, allowing for such services as streaming music from a personal collection from multiple devices, and even to business development and storage of applications on remote servers. For the past few years, cloud computing has quickly grown in popularity, and as such, has come with its own set of risks and security concerns. As use of this service grows by both consumers and businesses, it will no doubt continue to attract the attention of hackers and cyber criminals, as it offers a central repository of data that can contain everything from financial statements, to company intellectual property. On 7/11/2011, eweek.com posted an article called “Cloud Computing Security: 10 Ways to Enforce It”, which attempts to give several suggestions on the best way to ensure that cloud computing is as safe as it is convenient.…

    • 1626 Words
    • 7 Pages
    Better Essays
  • Powerful Essays

    Mallery, J., Zann, J., Kelly, P., Noonan, W., Seagren, E., Love, P., et al. (2005). Hardening Network Security. New York, NY: McGraw-Hill.…

    • 2643 Words
    • 11 Pages
    Powerful Essays
  • Satisfactory Essays

    NT2580

    • 526 Words
    • 5 Pages

    Introduction to Information Security © ITT Educational Services, Inc. All rights reserved. Page 2 Key Concepts  Attacks, threats, and vulnerabilities in a typical IT infrastructure …

    • 526 Words
    • 5 Pages
    Satisfactory Essays
  • Better Essays

    root causes of DDoS attacks by reducing Bots infections. Tools such as AD, SCCM, and…

    • 885 Words
    • 4 Pages
    Better Essays
  • Good Essays

    Week 5 you decide

    • 928 Words
    • 4 Pages

    Vulnerability scanners can help determine patching policy. Once we know what vulnerabilities are exposed, we can make decisions about what can and cannot be tolerated in the network environment. Knowing our typical network behavior can highlight common activity that we might want to stop via policy or other tools. Both of these technologies provide visibility into network traffic. Network risk mapping can find vulnerable data and network device configurations and help us prioritize which issues to resolve first. Data can be based on defined nodes, directly vulnerable hosts, non-secured configuration of network equipment, and the end users most susceptible compromises.…

    • 928 Words
    • 4 Pages
    Good Essays
  • Better Essays

    Trust is not easily defined, but most people agree that when it comes to cloud computing, transparency is essential to creating trust. Businesses must be able to see cloud service providers are complying with agreed data security standards and practices. These must include controls around who has access to data, staff security vetting practices, and the technologies and processes to segregate, backup and delete data. Suppliers of cloud technologies and services are quick to claim that cloud computing is well equipped to provide the necessary controls. Virtualization, they argue, underlies cloud computing, and therein lies the potential to achieve hitherto impossible levels of security. While virtualization is viewed with suspicion and fear by many IT directors, suppliers like RSA, IBM and other say that the technology enables organizations to build security into the infrastructure and automate security processes, to surpass traditional data protection…

    • 1351 Words
    • 6 Pages
    Better Essays
  • Best Essays

    Individual Assignment 1

    • 2342 Words
    • 10 Pages

    Having a strong web presence is not only important in today’s world, it is vital for survival in today’s super connected world. Companies, banks, agencies and private industries must be able to create an environment to interact with customers, government officials and other companies in order to thrive. Opening yourself up to anyone through the Internet often means opening your system up to the world. Today we are more connected than ever, and cyberspace is littered with a multitude of individuals, some with the intent to compromise network confidentiality, integrity and availability. Anyone with a computer and Internet access can become a victim or criminal over the web. As a result, networks and servers are under constant attack these days. Attackers are changing their techniques daily and are on a never ended endeavor to disrupt companies for their selfish reasons. Two such forms of disruption are Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. These forms of disruption have cost companies millions of dollars and are showing no signs of stopping. That is why it is up to security professionals to create the best safeguards and impose efficient and proper techniques to prevent, mitigate and discover these attacks before they inflict terrible harm. In the following assignment, these important topics of prevention, mitigation and discovery will be discussed as they relate to DoS and DDoS attacks on today’s systems. Specifically, three academic journals have been selected that relate to this topic. This essay will first briefly summarize each article that was selected and state the methods of prevention, mitigation or discovery as they relate to denial of service attacks. The second part of this essay will explore in detail the specific methods discussed in the summaries as they relate to a proposed technique and practical…

    • 2342 Words
    • 10 Pages
    Best Essays
  • Good Essays

    Nowadays, security software is becoming a major part of enterprise business. Software development is activity connected with advanced technology and high level of knowledge. After viewing the growing number of malicious activity, it is now imperative that we develop a plan and stick to it. There are so many threats to vulnerabilities and threats that leave systems open to malicious attacks. Whenever you sit at a computer and log onto the internet, your system, becomes vulnerable. There is now potential for malicious attacks. Knowing what to look for can prevent a lot of these attacks.…

    • 534 Words
    • 3 Pages
    Good Essays
  • Best Essays

    Meier, J.D., Mackman, A., Dunner, M., Vasireddy, S., Escamilla, R. & Murukan, A. (2003, June). Threats and countermeasures. Microsoft. Retrieved from http://msdn.microsoft.com/en-us/library/ff648641.aspx…

    • 4737 Words
    • 19 Pages
    Best Essays
  • Better Essays

    from spam and phishing to malware and denial-of-service (DoS) attacks. Much of it thrives on armies of compromised hosts, or botnets, which are scattered throughout the…

    • 8864 Words
    • 36 Pages
    Better Essays

Related Topics