Introduction
Cloud platforms are becoming increasingly popular as most enterprises shift from conventional computing systems to this new trend in data accessibility. As the name suggests, cloud computing allows multiple users to access it simultaneously, which exposes it to easier attack by unscrupulous users and unintended applications. Cloud computing environments are thus easier targets for intruders because of their distributed nature.
[Figure: typical diagram of an IDSaaS in the cloud]
According to Shraddha et al. (2015), an intrusion detection system based on a genetic algorithm is a fundamental means of preventing compromise of the data shared on cloud computing networks. These authors reiterate that the increasing rate of intrusion is due to the large user base that accesses the cloud networks at any particular time. In addition, they reiterate that most intrusions occur as a result of vulnerabilities in a cloud network, and that intruders strategize every move to compromise virtual machines with a view to deploying an extra large-scale Distributed Denial-of-Service (DDoS) attack. Such attempts could always be thwarted by adopting a stable anti-intrusion program such as the genetic algorithm. Such security systems operate by detecting malicious behavior and preventing further attack on the systems.
The genetic algorithm method works on the domain data and helps prevent any form of attack on the confidential data of a registered user on the cloud network. These anti-intrusion programs work on the premise of detecting computer attacks through the inspection of data records observed by distinct processes on the same network. The authors also describe the action of DDoS, which generates a damaging attack on the cloud network. The intrusion begins at an early stage and involves multi-step exploitation, sets of low-frequency vulnerability scanning, and the compromise of virtual machines, often identified as zombies; finally, the DDoS attack is launched through the compromised zombies (Shraddha, Patil, Sunita, Ganveer, Prachi, & Badge, 2015, p. 195). The frameworks that cloud computing provides to its users subject it to attack by certain interests, in the form of Distributed Denial-of-Service attacks on the cloud environment.
Shraddha et al. (2015) propose a privately monitored security system against intrusion attacks on the cloud environment. The authors also identify several security threats to the cloud environment and show how these threats could be prevented by the genetic algorithm. The first threat concerns cloud data confidentiality. The implementation of a new services paradigm poses a great challenge to the security of privately held data. While the encryption of data still relies on traditional methods, privacy is a major concern because the confidentiality of the data always remains at the disposal of the service provider. Other concerns attributed to the confidentiality of encrypted data relate to searching and indexing the encrypted data. Further security threats to the cloud computing environment suggested by the authors include cloud security auditing and the general lack of data interoperability standards. Therefore, maintaining high data security through the genetic algorithm means extensive action beyond user authentication with either passwords or digital certificates. The genetic algorithm anti-intrusion platform is a multi-threaded cloud IDS model whose administration is executed by a third-party monitoring service, which aids in optimizing efficiency and transparency for the cloud end user.
[Figure: a typical IDSaaS in the Amazon cloud]
Intrusion Detection System for the Cloud Architecture
According to Padmakumari et al. (2014), the need for security in the cloud environment means enhancing anti-intrusion methods. The security structure would therefore go a notch higher and integrate more than just the conventional security architecture. Conventional methods such as data encryption, firewalls, user authentication, access control and confidentiality in the transmission of data would not serve the security purpose of a cloud system. The authors thus suggest K-means as a mainstream IDS method. This method involves clustering for anomaly detection and integrates the cloud system with a frequent attacks generation system. The increasing rate of internet use has generated a high prevalence of cyber-attacks, and consequently the need for a secure platform when using the internet. K-means is an IDS method that helps in detecting intrusions, scanning data traffic, and preventing security threats to users and to data flowing from one user to another. The method is based on anomaly detection, which detects a significant intrusion through a breach into private data. The need for either a signature-based or an anomaly-based detection system arises because traditional security detection systems have had several lapses, which could only be corrected by more sophisticated methods. K-means, as a method based on anomaly detection, works by monitoring network packets and screening them for abnormal or unusual behavior. The method is based on a study of the statistical behavior of anomaly heuristics.
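The clustering approach described above, as an added example that is not taken from Padmakumari et al. or the original page: K-means is fitted on baseline flow features, and a flow is flagged when it lies far from every cluster centroid. The three features, the sample flows and the 1.5x distance threshold are assumptions constructed for illustration.

```python
import math

# Constructed baseline flows: (packets/s, mean packet bytes, distinct dst ports).
BASELINE = [
    (12, 540, 2), (15, 610, 3), (10, 580, 2), (14, 500, 3), (11, 560, 2),
    (220, 1400, 1), (240, 1380, 1), (210, 1420, 1), (230, 1390, 2), (225, 1410, 1),
]

def scale(row, lo, hi):
    """Min-max scale one flow with the baseline's per-feature bounds."""
    return [(v - l) / (h - l) if h > l else 0.0 for v, l, h in zip(row, lo, hi)]

def kmeans(points, k, iters=50):
    """Lloyd's algorithm; evenly spaced initial centroids keep it deterministic."""
    step = len(points) // k
    centroids = [points[i * step] for i in range(k)]
    for _ in range(iters):
        members = [[] for _ in range(k)]
        for p in points:
            nearest = min(range(k), key=lambda i: math.dist(p, centroids[i]))
            members[nearest].append(p)
        updated = [[sum(col) / len(m) for col in zip(*m)] if m else centroids[i]
                   for i, m in enumerate(members)]
        if updated == centroids:  # assignments stopped changing
            break
        centroids = updated
    return centroids

def nearest_dist(point, centroids):
    return min(math.dist(point, c) for c in centroids)

def train(baseline, k=2, slack=1.5):
    """Fit centroids; threshold = slack x the worst baseline distance (assumed rule)."""
    cols = list(zip(*baseline))
    lo, hi = [min(c) for c in cols], [max(c) for c in cols]
    pts = [scale(r, lo, hi) for r in baseline]
    centroids = kmeans(pts, k)
    return lo, hi, centroids, slack * max(nearest_dist(p, centroids) for p in pts)

def is_anomalous(flow, model):
    lo, hi, centroids, threshold = model
    return nearest_dist(scale(flow, lo, hi), centroids) > threshold

MODEL = train(BASELINE)

if __name__ == "__main__":
    # (220, 540, 2): each value occurs in the baseline, but not in this combination.
    for flow in [(13, 570, 2), (228, 1400, 1), (220, 540, 2), (300, 60, 180)]:
        print(flow, "ANOMALY" if is_anomalous(flow, MODEL) else "normal")
```

The third flow shows why clustering catches what per-feature range checks miss: every individual value has been seen in the baseline, yet the combination sits far from both learned clusters.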
Detecting Internet Intrusion in a Cloud
Amirreza and Alireza (2012) introduce an IDS that operates on the concept of Cloud Intrusion Detection System Services (CIDSS). This concept is designed alongside the cloud computing paradigm and is efficient in reducing the inefficiencies of traditional intrusion detection. The CIDSS is also a stable IDS that helps protect the end user from possible cyber-attack. Indeed, it ensures that the user is free and secure from any possible attack or intrusion on his or her privacy. The design and operation of this IDS revolve around software-as-a-service (SaaS). The SaaS model is used to provide security to any given cloud user. In addition, its architecture integrates lightweight IDS agents, which are coupled within the protected network data via the central detection engine unit. The system also relies on grouping the flexible IDS agents together with the multiple network segments that support the user application. The grouping and information exchange are aided by a Virtual Private Network (VPN), with a standardized interface that presents the results to cloud users.
IDS by Distributed Cloud Intrusion Detection Model
Irfan Gul (2011) proposes a new multi-threaded distributed cloud IDS model as a sure platform for countering intrusions through the cloud environment. This method works on anti-jamming principles, where the IDS can handle large volumes of data flow, undertake a thorough analysis of the data, and generate an efficient report. Its capability to multitask various operations on the data leads to its effectiveness in controlling intrusion by unscrupulous users. In addition, this method integrates both the traditional and new methods of signature and anomaly detection to foster the security of the cloud environment across its users and system devices. During this multi-step operation, a series of transparent reports is sent simultaneously to the cloud user, together with expert advice from the cloud service provider's network. The efficiency and security of the cloud environment are further fostered by avoiding misconfiguration through third-party IDS monitoring and an effective and efficient advisory service.
Conclusion
In conclusion, the numerous applications of the internet are the main subject behind the aggression that mostly leads to intrusions. In addition, evolving technology has forced a massive shift of enterprise applications from traditional methods to cloud platforms. However, the cloud network is usually shared by millions of users, which raises its security risk. In addition, the distributed nature of cloud computing subjects it to the highest risk of intrusion and attack (Soumya & Ann, 2012). However, such attacks can be stopped by adopting a hybrid method comprising traditional and new IDS methods. Furthermore, the new methods should integrate both signature-based and anomaly-based detection to foster the security of the data and of the cloud system in its entirety.
References
Amirreza, Z., & Alireza, Z. (2012). Internet Intrusion Detection System Service in a Cloud. IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 5.
Fonseca, N. L. S., & Boutaba, R. (2015). Cloud services, networking, and management.
Irfan Gul, M. H. (2011). Distributed Cloud Intrusion Detection Model. International Journal of Advanced Science and Technology, Vol. 34.
Padmakumari, P., Surendra, K., Sowmya, M., & Sravya, M. (2014). Effective Intrusion Detection System for Cloud. CSE, School of Computing, SASTRA University, Thanjavur, Tamilnadu, India.
Shraddha, Ku., Patil, D., Sunita, Ku., Ganveer, S., Prachi, Ku., & Badge, S. (2015). To Implement Intrusion Detection System for Cloud Computing Using Genetic Algorithm. International Journal of Computer Science and Information Technology Research, ISSN 2348-120X.
Soumya, M., & Ann, P. J. (2012). Securing Cloud from Attacks based on Intrusion Detection System. International Journal of Advanced Research in Computer and Communication Engineering, Vol. 1.