EMERGING 2011, The Third International Conference on Emerging Network Intelligence


Incident Detection for Cloud Environments

Authors:
Frank Doelitzscher
Christoph Reich
Martin Knahl
Nathan Clarke

Keywords: cloud computing, security

Abstract:
Security and privacy concerns hinder a broad adoption of cloud computing in industry. In this paper, we identify cloud-specific security risks and introduce the cloud incident detection system Security Audit as a Service (SAaaS). SAaaS is built on autonomous distributed agents feeding a complex event processing engine, informing about a cloud's security state. In addition to technical monitoring factors, like the number of open network connections, business process flows can be modelled to detect customer-overlapping security incidents. In case of identified attacks, actions can be defined to protect the cloud service assets. As the contribution of this paper, we provide a high-level design of the SAaaS architecture and a first prototype of a virtual machine agent. We show how an incident detection system for a cloud environment should be designed to address cloud-specific security problems.

Pages: 100 to 105

Copyright: Copyright (c) IARIA, 2011

Publication date: November 20, 2011

Published in: conference

ISSN: 2326-9383

ISBN: 978-1-61208-174-8

Location: Lisbon, Portugal

Dates: from November 20, 2011 to November 25, 2011