Incorporating Honeypot for Intrusion Detection in Cloud Infrastructure

Borisaniya, Bhavesh; Patel, Amit B.; Patel, Dhiren; Patel, Harish M.

doi:10.1007/978-3-642-29852-3_6

Cited by 12 publications

(6 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The packet preprocessing component processes captured packets and removes redundant information that has low correlation with detection intrusions which are running on VMs. Borisaniya et al (2012) introduced honeypot in cloud IDS design to help in detecting potential attacks with reduced number of false positives. A honeypot is a deception system which allures the attackers (Borisaniya et al 2012).…”

Section: Network Intrusion Detection System (Nids)mentioning

confidence: 99%

“…Borisaniya et al (2012) introduced honeypot in cloud IDS design to help in detecting potential attacks with reduced number of false positives. A honeypot is a deception system which allures the attackers (Borisaniya et al 2012). The open source cloud computing framework known as Eucalyptus is being implemented where the incorporation of honeypot with IDS is easy.…”

Section: Network Intrusion Detection System (Nids)mentioning

confidence: 99%

See 1 more Smart Citation

Intrusion Detection System in Cloud Computing: A Literature Review

2021

NCS

View full text Add to dashboard Cite

Cloud computing provide users a convenient, ubiquitous and on-demand network access to a shared pool of computing resources over an Internet. On the other aspect, due to its distributed and complex architectures, it possess many security risks and become one of the attractive targets for the cyber-attacks by the intruders. With the growing popularity of cloud computing, the importance to provide reliable and secure services assurance remains one of the major issues. Intrusion Detection Systems (IDS) have been widely used as one of the mechanism to detect attacks on cloud. Different authors have proposed various IDS that can be used in cloud computing in an attempt to provide secure services. This paper surveys different methods and approaches applied in intrusions detection systems (IDS) of cloud environment by various authors. The paper is organized as follows. Section 1 discusses about the different kinds of attacks or intrusions found in cloud. Section 2 discusses and demonstrates different IDS used in cloud that have been proposed by various authors in their research. Section 3 concludes the review with references at the end.

show abstract

Section: Network Intrusion Detection System (Nids)mentioning

confidence: 99%

Section: Network Intrusion Detection System (Nids)mentioning

confidence: 99%

Intrusion Detection System in Cloud Computing: A Literature Review

2021

NCS

View full text Add to dashboard Cite

show abstract

“…Similarly, [34] aims to employ deception concepts in a private cloud using a honeypot. The authors deploy the Snort Network Intrusion Detection System (NIDS) in the Eucalyptus private cloud as a proof of concept implementation.…”

Section: B Related Work 1) Cyber Deceptionmentioning

confidence: 99%

Mitigating Data Exfiltration in SaaS Clouds

Wilson¹,

Avery

2019

JBTL

View full text Add to dashboard Cite

Existing processes and methods for incident handling are geared towards infrastructures and operational models that will be increasingly outdated by cloud computing. Research has shown that to adapt incident handling to cloud computing environments, cloud customers must establish clarity about their requirements on Cloud Service Providers (CSPs) for successful handling of incidents and contract CSPs accordingly. Secondly, CSPs must strive to support these requirements and mirror them in their Service Level Agreements. Intrusion Detection Systems (IDS) have been used widely to detect malicious behaviors in network communication and hosts. Facing new application scenarios in Cloud Computing, the IDS approaches yield several problems since the operator of the IDS should be the user, not the administrator of the Cloud infrastructure. Cloud providers need to enable possibilities to deploy and configure IDS for the user - which poses its own challenges. Current research and commercial solutions primarily focus on protecting against Denial of Service attacks and attacks against the Cloud’s virtual infrastructure. To counter these challenges, we propose a capability that aims to both detect and prevent the potential of data exfiltration by using a novel deception-based methodology. We also introduce a method of increasing the data protection level based on various threat conditions.

show abstract

“…Since past various intrusion detection and information security approaches for securing Cloud have been proposed and are in practice [27,[31][32][33][34][35][36][37][38][39][40][41][42], but the concept of network intrusion detection and prevention systems and its deployment strategies over cloud infrastructure, which will be efficient and lightweight, is still going on, because cloud vendors are also interested in a solution that can be deployed and maintained at low cost [5]. Summary of some of the research work carried out in the area of network intrusion detection and prevention in cloud is as follows.…”

Section: The Present Scenariomentioning

confidence: 99%

A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment

Gupta

Kumar

Abraham

2013

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

Cloud computing provides network based access to computing and data storage services on a pay per usage model. Cloud provides better utilization of resources and hence a reduced service access cost to individuals. Cloud services include software as a service, platform as a service, and infrastructure as a service. Cloud computing virtually and dynamically distributes the computing and data resources to a variety of users, based on their needs, with the use of virtualization technologies. As Cloud computing is a shared facility and is accessed remotely, it is vulnerable to various attacks including host and network based attacks (Brown 2012, and Grance 2009) and hence requires immediate attention. This paper identifies vulnerabilities responsible for well-known network based attacks on cloud and does a critical analysis on the security measures available in cloud environment. This paper focuses on a nonconventional technique for securing cloud network from malicious insiders and outsiders with the use of network profiling. With network profiling, a profile is created for each virtual machine (VM) in cloud that describes network behavior of each cloud user (an assigned VM). The behavior gathered is then used for determination (detection) of network attacks on cloud. The novelty of the approach lies in the early detection of network attacks with robustness and minimum complexity. The proposed technique can be deployed with minimal changes to existing cloud environment. An initial prototype implementation is verified and tested on private cloud with a fully functional implementation under progress.

show abstract

Incorporating Honeypot for Intrusion Detection in Cloud Infrastructure

Cited by 12 publications

References 9 publications

Intrusion Detection System in Cloud Computing: A Literature Review

Intrusion Detection System in Cloud Computing: A Literature Review

Mitigating Data Exfiltration in SaaS Clouds

A Profile Based Network Intrusion Detection and Prevention System for Securing Cloud Environment

Contact Info

Product

Resources

About