Nowadays any intrusion detection system should include decision making feature. Each network administrator, in his everyday job, is overwhelmed with a big number of events and alerts. It is a challenge to be able to take correct decisions and to classify events according to their accuracy. That’s why we need to provide the administrator with the right tools in order to help him taking the correct decision. For this purpose, we suggest an Artificial Neural Networks (ANN) architecture for decision making within intrusion detection systems. Having in mind our IMA IDS solution that presents a global agent architecture for enhanced intrusion network based solution, we are including ANN as a major decision algorithm using the learning and adaptive features of ANN. This inclusion aims to increase respectively efficiency, by reducing the fault positive, and detection capabilities by allowing detection with partial available information on the network status.
Most current IDS are generally centralized andsuffer from significant limitations when used in high speednetworks, especially when they face distributed attacks. Thispaper shows that the use of mobile agents has practical advantagesfor intrusion detection. For this purpose we carriedout a comparative experimental study of some IDS, showingtheir limits and then we propose an implementation of a newMAFIDS (Mobile Agent for Intrusion Detection System)model focusing on misuse approach. The performance ofMAFIDS is investigated in terms of detection delay, falsealarm and detection rate by comparing it to a centralizedIDS over real traffic and a set of simulated attacks.
Federated Cloud is a recent topic in which multiple Cloud Service Providers (CSP) interact and share resources in order to serve their clients and overcome the problem of limited resources. In a Federated environment, CSP have an unlimited amount of resources due to the fact that each CSP can use the resources of other CSPs to serve its own clients when its own resources cannot do it. In a same concept, CSPs will be able to sell their unused capacity for other CSPs. From this definition, CSPs could buy resources in the federation in order to serve the upcoming requests that go beyond one CSP capacity. Also, by selling resources, CSPs will increase their revenues. A pre-agreement must be done between CSPs willing to participate to the federation in order to define the rules that manage such environment. Security is one of the main issues in cloud federation that should be provided. In this paper, we will describe different cloud environments before proposing a security strategy and security model that can be integrated in federation cloud.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.