Abstract. Cloud Computing is one of today's most promising technologies due to its cost-efficiency, flexibility and scalability for computing processes. However, the complex architecture of cloud infrastructure and the different levels of users lead to special requirements especially in security area. The Cloud provider is responsible for providing secure, reliable and trustful services to its consumers. Network intrusion detection system and network intrusion prevention system (IDPS), is a pioneer active security-defensive mechanism that is ideal to be used in cloud computing. Collaborative or cooperative IDS had been a hot topic for the last few years. However, there were some limitations in previous techniques indicating that they are not sufficient to cover all security threats in clouds. The main objective is to propose a cloud based cooperative intrusion detection and prevention system (cl-CIDPS). The system adds several contributions to the area of IDPS in clouds by proposing an integrated design that considers detection, prevention and logging capabilities applying both signature and anomaly detection mechanisms. cl-CIDPS was evaluated using a powerful network security simulator tool (Nessi2) that is capable of testing detection units and communication schemas. NeSSi2 was extended for a cloudbased IDPS presenting a valuable simulation background that can be used by future researches to evaluate similar proposed techniques for cloud computing infrastructure.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.