CLOUD COMPUTING 2012, The Third International Conference on Cloud Computing, GRIDs, and Virtualization


Cloud Network Security Monitoring and Response System

Authors:
Murat Mukhtarov
Natalia Miloslavskaya
Alexander Tolstoy

Keywords: Cloud computing; Cloud infrastructure; Virtual Infrastructure; Application Hosting; Network Security

Abstract:
This paper introduces a network monitoring and response system for public clouds, based on flow measurements, open source tools and the CSMS (Cloud Security Monitoring System) module. The main goal of the research is to develop an algorithm and to implement a system that automatically detects and responds to network anomalies occurring inside a Cloud infrastructure. The proposed approach to anomaly detection inside the Cloud infrastructure is based on a profiling method applied to IPFIX (IP Flow Information Export) protocol data, and the negative selection principle is used to generate signatures of network anomalies, which are named detectors. The automatic response module makes a decision about the origin of a network anomaly, based on several iterative checks, and creates a record in the firewall rules table. The network traffic profiling process automatically generates the firewall rule set for all traffic classes obtained during the learning process. The main results of the research are the development of the algorithms and of a way of monitoring network attacks inside the Cloud. The algorithms are implemented as a Python-based script, which is currently in a heavy testing phase.

Pages: 181 to 185

Copyright: Copyright (c) IARIA, 2012

Publication date: July 22, 2012

Published in: conference

ISSN: 2308-4294

ISBN: 978-1-61208-216-5

Location: Nice, France

Dates: from July 22, 2012 to July 27, 2012