DYNAMIC NETWORK SECURITY PROTECTION ON CLOUD COMPUTING
Keywords:
cloud computing, DDoS attack, intrusion detection, protection, securityAbstract
This paper focuses on DDoS problem and trying to give solution using auto correlation and alert generation methods. Cloud trace back model has efficient and it's dealing with DDoS attacks using back propagation neural network method and finds that the model is useful in tackling Distributed Denial of Service attacks. Distributed denial of service attacks has become more sophisticated as to exploit application-layer vulnerabilities. NICE (Network Intrusion Detection and Countermeasure Selection) is used to propose multiphase distributed vulnerability detection for attack measurement, and the countermeasure selection mechanism which is built on attack graph-based analytical models and reconfigurable virtual network-based countermeasures. The systems and security evaluations demonstrate the efficiency and effectiveness of the solution.
References
B. Joshi, A. Vijayan, and B. Joshi, “Securing Cloud Computing Environment Against DDoS Attacks,” Proc. IEEE Int’l Conf. Computer Comm. And Informatics (ICCCI’12), Jan. 2012.
Z. Duan, P. Chen, F. Sanchez, Y. Dong, M. Stephenson, and J. Barker, “Detecting Spam Zombies by Monitoring Outgoing Messages,” IEEE Trans. Dependable and Secure Computing, vol. 9, no. 2, pp. 198-210, Apr.2012.
O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J.M. Wing, “Automated Generation and Analysis of Attack Graphs,” Proc. IEEE Symp. Security and Privacy, pp. 273-284, 2002.
S. Roschke, F. Cheng, and C. Meinel, “A New Alert Correlation Algorithm Based on Attack Graph,” Proc. Fourth Int’l Conf. Computational Intelligence in Security for Information Systems, pp. 58-67, 2011.
Roy, D.S. Kim, and K. Trivedi, “Scalable Optimal Countermeasure Selection Using Implicit Enumeration on Attack Countermeasure Trees,” Proc. IEEE Int’l Conf. Dependable Systems Networks (DSN ’12), June2012.
M. Frigault and L. Wang, “Measuring Network Security Using Bayesian Network-Based Attack Graphs,” Proc. IEEE 32nd Ann. Int’l Conf. Computer Software and Applications (COMPSAC ’08), pp. 698-703, Aug. 2008.
P. Ammann, D. Wijesekera, and S. Kaushik, “Scalable, graph based network vulnerability analysis,” Proc. 9th ACM Conf. Computer and Comm. Security (CCS’02), pp.217-224, 2002.
X. Ou, S. Govindavajhala, and A.W. Appel, “MulVAL: A Logic-Based Network Security Analyzer,” Proc. 14th USENIX Security Symp., pp. 113-128, 2005.
R. Sadoddin and A. Ghorbani, “Alert Correlation Survey: Framework and Techniques,” Proc. ACM Int’l Conf. Privacy, Security and Trust: Bridge the Gap between PST Technologies and Business Services (PST ’06), pp.37:1-37:10, 2006.
L. Wang, A. Liu, and S. Jajodia, “Using Attack Graphs for Correlating, Hypothesizing, and Predicting Intrusion Alerts,” Computer Comm., vol. 29, no. 15, pp.2917-2933, Sept. 2006.
N. Poolsappasit, R. Dewri, and I. Ray, “Dynamic Security Risk Management Using Bayesian Attack Graphs,” IEEE Trans. Dependable and Secure Computing, vol. 9, no.1, pp. 61-74, Feb. 2012.
Open Networking Foundation, “Software-Defined Networking: The New Norm for Networks,” ONF White Paper, Apr. 2012.
N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J.Turner, “OpenFlow: Enabling Innovation in Campus Networks,” SIGCOMM Computer Comm. Rev., vol. 38, no. 2, pp. 69-74, Mar. 2008.
M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R. Katz, A. Konwinski, G. Lee, D. Patterson, A. Rabkin, I. Stoica, and M. Zaharia, “A View of Cloud Computing,” ACM Comm., vol. 53, no. 4, pp. 50-58, Apr. 2010.
H. Takabi, J.B. Joshi, and G. Ahn, “Security and Privacy Challenges in Cloud Computing Environments,” IEEE Security and Privacy, vol. 8, no. 6, pp. 24-31, Dec.2010.
Additional Files
Published
How to Cite
Issue
Section
License
Copyright (c) 2021 International Education and Research Journal (IERJ)
This work is licensed under a Creative Commons Attribution 4.0 International License.
