An intrusion detection and prevention system in cloud computing: A systematic review

Journal of Network and Computer Applications - Volume 36 - Pages 25-41 - 2013
Ahmed Patel1,2, Mona Taghavi1, Kaveh Bakhtiyari1, Joaquim Celestino Júnior3
1School of Computer Science, Centre of Software Technology and Management (SOFTAM), Faculty of Information Science and Technology (UKM), Universiti Kebangsaan Malaysia (UKM), 43600 UKM Bangi, Selangor Darul Ehsan, Malaysia
2Visiting Professor School of Computing and Information Systems, Faculty of Science, Engineering and Computing, Kingston University, Kingston upon Thames, KT1 2EE, United Kingdom
3Vieira Computer Networks and Security Laboratory (LARCES), State University of Ceará (UECE), Fortaleza, Ceará, Brazil

References

Al-Mamory (2010). New data mining technique to enhance IDS alarms quality. Journal in Computer Virology, 6, 43. doi:10.1007/s11416-008-0104-2
Anuar (2008). Identifying false alarm for network intrusion detection system using data mining and decision tree. Malaysian Journal of Computer Science, 21, 101. doi:10.22452/mjcs.vol21no2.3
Arshad (2012). A novel intrusion severity analysis approach for Clouds. Future Generation Computer Systems.
Awodele (2009). A multi-layered approach to the design of intelligent intrusion detection and prevention system (IIDPS). Issues in Informing Science and Information Technology, 6. doi:10.28945/1086
Axelsson (2000).
Azmandian (2011). Virtual machine monitor-based lightweight intrusion detection. SIGOPS Operating Systems Review, 45, 38. doi:10.1145/2007183.2007189
Beale J, Baker AR, Caswell B, Poor M (2004). Snort 2.1 Intrusion Detection. Syngress Media Inc, p. 25.
Bringas (2009). Next-generation misuse and anomaly prevention system. Enterprise Information Systems, 19, 117. doi:10.1007/978-3-642-00670-8_9
Byrski (2008). 5103, 584.
Carl (2006). Denial-of-service attack-detection techniques. IEEE Internet Computing, 10, 82. doi:10.1109/MIC.2006.5
Castillo (2012).
Chandola (2009). Anomaly detection: a survey. ACM Computing Surveys, 41, 1. doi:10.1145/1541880.1541882
Chen (2006). Mobile agent based wireless sensor networks. Journal of Computers, 1, 14. doi:10.4304/jcp.1.1.14-21
Choo (2011). The cyber threat landscape: challenges and future research directions. Computers & Security, 30, 719. doi:10.1016/j.cose.2011.08.004
Chung-Ming (2012). Host-based intrusion detection systems adapted from agent-based artificial immune systems. Neurocomputing.
Cloud Security Alliance (2010). Top Threats to Cloud Computing V1.0. Available: https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
Dastjerdi AV, Bakar KA, Tabatabaei SGH (2009). Distributed intrusion detection in clouds using mobile agents. In: Third International Conference on Advanced Engineering Computing and Applications in Sciences, Sliema, pp. 175–180.
Dhage S, Meshram B, Rawat R, Padawe S, Paingaokar M, Misra A (2011). Intrusion detection system in cloud computing environment. In: International Conference & Workshop on Emerging Trends in Technology, New York, NY, USA, pp. 235–9.
Elshoush (2011). Alert correlation in collaborative intelligent intrusion detection systems: a survey. Applied Soft Computing, 11, 4349. doi:10.1016/j.asoc.2010.12.004
Estevez-Tapiador (2004). Anomaly detection methods in wired networks: a survey and taxonomy. Computer Communications, 27, 1569. doi:10.1016/j.comcom.2004.07.002
Foster I, Zhao Y, Raicu I, Lu S (2008). Cloud computing and grid computing 360-degree compared. In: Grid Computing Environments Workshop (GCE '08), Austin, TX, pp. 1–10.
Gaffney JE Jr, Ulvila JW (2001). Evaluation of intrusion detectors: a decision theory approach. In: IEEE Symposium on Security and Privacy (S&P 2001), Oakland, CA, USA, pp. 50–61.
Galante J, Kharif O, Alpeyev P (2011, May 17). Sony Network Breach Shows Amazon Cloud's Appeal for Hackers. Available: http://www.bloomberg.com/news/2011-05-15/sony-attack-shows-amazon-s-cloud-service-lures-hackers-at-pennies-an-hour.html
García-Teodoro (2009). Anomaly-based network intrusion detection: techniques, systems and challenges. Computers & Security, 28, 18. doi:10.1016/j.cose.2008.08.003
Grobauer (2011). Understanding cloud computing vulnerabilities. IEEE Security & Privacy, 9, 50. doi:10.1109/MSP.2010.115
Gunasekaran S (2012). Comparison of network intrusion detection systems in cloud computing environment. In: International Conference on Computer Communication and Informatics (ICCCI), Coimbatore, pp. 1–6.
Gustavo (2011). Anomaly-based intrusion detection in software as a service. Dependable Systems and Networks Workshops, 19.
Herrero (2009). 4 204, 377.
Hoang (2009). A program-based anomaly intrusion detection scheme using multiple detection engines and fuzzy inference. Journal of Network and Computer Applications, 32, 1219. doi:10.1016/j.jnca.2009.05.004
Hwang (2007). Hybrid intrusion detection with weighted signature generation over anomalous internet episodes. IEEE Transactions on Dependable and Secure Computing, 4, 41. doi:10.1109/TDSC.2007.9
Jaiswal (2010). Database intrusion prevention cum detection system with appropriate response. International Journal of Information Technology, 2, 651.
Jin (2011). A VMM-based intrusion prevention system in cloud computing environment. The Journal of Supercomputing, 1.
Kazienko (2004). Intrusion Detection Systems. Windowsecurity.
Kerschbaum (2002). Using internal sensors and embedded detectors for intrusion detection. Journal of Computer Security, 10, 23. doi:10.3233/JCS-2002-101-203
Klüft S (2012). Alarm management for intrusion detection systems: prioritizing and presenting alarms from intrusion detection systems. Master of Science thesis, Computer Science Programme, University of Gothenburg. http://hdl.handle.net/2077/28856
Khanum (2012). Mobile agent based hierarchical intrusion detection system in wireless sensor networks. International Journal of Computer Science Issues (IJCSI), 9.
Kholidy HA, Baiardi F (2012). CIDS: a framework for intrusion detection in cloud systems. In: Ninth International Conference on Information Technology: New Generations (ITNG), Las Vegas, NV, pp. 379–5.
Khorshed (2012). A survey on gaps, threat remediation challenges and some thoughts for proactive attack detection in cloud computing. Future Generation Computer Systems, 28, 833. doi:10.1016/j.future.2012.01.006
Kizza (2009). System intrusion detection and prevention. 273.
Lee JH, Park MW, Eom JH, Chung TM (2011). Multi-level intrusion detection system and log management in cloud computing. In: 13th International Conference on Advanced Communication Technology (ICACT), Seoul, pp. 552–5.
Leitner M, Leitner P, Zach M, Collins S, Fahy C (2007). Fault management based on peer-to-peer paradigms; a case study report from the Celtic project MADEIRA. In: 10th IFIP/IEEE International Symposium on Integrated Network Management, pp. 697–700.
Liang (2006). An immunity-based dynamic multilayer intrusion detection system. 4115, 641.
Lippmann (2002). The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection. 2516, 307.
Li (2010). 6328, 233.
Li (2010). An ontology-based intrusion alerts correlation system. Expert Systems with Applications, 37, 7138. doi:10.1016/j.eswa.2010.03.068
Maggi (2009). Reducing false positives in anomaly detectors through fuzzy alert aggregation. Information Fusion, 10, 300. doi:10.1016/j.inffus.2009.01.004
Mansour (2010). Filtering intrusion detection alarms. Cluster Computing, 13, 19. doi:10.1007/s10586-009-0096-9
Martínez CA, Echeverri GI, Sanz AGC (2010). Malware detection based on cloud computing integrating intrusion ontology representation. In: IEEE Latin-American Conference on Communications (LATINCOM), Bogota, pp. 1–6.
Masud (2008). Cloud-based malware detection for evolving data streams. ACM Transactions on Management Information Systems, 2, 1. doi:10.1145/2019618.2019622
Moore (2008). The "Big Picture" of insider IT sabotage across U.S. critical infrastructures. 39, 17.
Nazer (2011). Current intrusion detection techniques in information technology: a detailed analysis. European Journal of Scientific Research, 65, 611.
Patcha (2007). An overview of anomaly detection techniques: existing solutions and latest technological trends. Computer Networks, 51, 3448. doi:10.1016/j.comnet.2007.02.001
Patel A, Qassim Q, Shukor Z, Nogueira J, Júnior J, Wills C (2009). Autonomic agent-based self-managed intrusion detection and prevention system. In: South African Information Security Multi-Conference (SAISMC 2010), Port Elizabeth, South Africa, pp. 223–24.
Patel (2010). A survey of intrusion detection and prevention systems. Information Management and Computer Security, 18, 277. doi:10.1108/09685221011079199
Perdisci (2006). Alarm clustering for intrusion detection systems in computer networks. Engineering Applications of Artificial Intelligence, 19, 429. doi:10.1016/j.engappai.2006.01.003
Pietraszek (2005). Data mining and machine learning: towards reducing false positives in intrusion detection. Information Security Technical Report, 10, 169. doi:10.1016/j.istr.2005.07.001
Rasoulifard (2009). Incremental hybrid intrusion detection using ensemble of weak classifiers. 6, 577.
Roschke S, Cheng F, Meinel C (2009). Intrusion detection in the Cloud. In: Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, pp. 729–34.
Scarfone (2007). Guide to Intrusion Detection and Prevention Systems (IDPS). 800.
Schubert (2010). The future for cloud computing: opportunities for European cloud computing beyond 2010. Expert Group Report, Public Version 1, European Commission.
Shabtai (2010). Google Android: a comprehensive security assessment. IEEE Security & Privacy, 8, 35. doi:10.1109/MSP.2010.2
Sharma (2011). Intrusion detection systems technology. International Journal of Engineering and Advanced Technology (IJEAT), 1, 28.
Shon (2006). Applying genetic algorithm for classifying anomalous TCP/IP packets. Neurocomputing, 69, 2429. doi:10.1016/j.neucom.2006.01.023
Shyu (2009). A multiagent-based intrusion detection system with the support of multi-class supervised classification. 127.
Smith (2004). A smart sensor to detect the falls of the elderly. IEEE Pervasive Computing, 3, 42. doi:10.1109/MPRV.2004.1316817
Smith D, Guan Q, Fu S (2010). An anomaly detection framework for autonomic management of compute cloud systems. In: 34th Annual Computer Software and Applications Conference Workshops (COMPSACW), Seoul, pp. 376–1.
Spathoulas (2010). Reducing false positives in intrusion detection systems. Computers & Security, 29, 35. doi:10.1016/j.cose.2009.07.008
Sproull (2007). Distributed intrusion prevention in active and extensible networks. Active Networks, 3912, 54.
Subashini (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34, 1. doi:10.1016/j.jnca.2010.07.006
Su (2009). A real-time network intrusion detection system for large-scale attacks based on an incremental mining approach. Computers & Security, 28, 301. doi:10.1016/j.cose.2008.12.001
Sy (2009). Integrating intrusion alert information to aid forensic explanation: an analytical intrusion detection framework for distributive IDS. Information Fusion, 10, 325. doi:10.1016/j.inffus.2009.01.001
Takahashi T, Kadobayashi Y, Fujiwara H (2010). Ontological approach toward cybersecurity in cloud computing. In: Proceedings of the 3rd International Conference on Security of Information and Networks, Taganrog, Rostov-on-Don, Russian Federation.
Thatte (2011). Parametric methods for anomaly detection in aggregate traffic. IEEE/ACM Transactions on Networking (TON), 19, 512. doi:10.1109/TNET.2010.2070845
Tjhai (2010). A preliminary two-stage alarm correlation and filtering system using SOM neural network and K-means algorithm. Computers & Security, 29, 712. doi:10.1016/j.cose.2010.02.001
Topaloglu (2008). Secure mobile agent execution in virtual environment. Autonomous Agents and Multi-Agent Systems, 16, 1. doi:10.1007/s10458-007-9018-5
Tupakula U, Varadharajan V, Akku N (2011). Intrusion detection techniques for Infrastructure as a Service cloud. In: IEEE International Conference on Dependable, Autonomic and Secure Computing, pp. 744–1.
Viega (2009). Cloud computing and the common man. Computer, 42, 106. doi:10.1109/MC.2009.252
Vieira (2010). Intrusion detection for grid and cloud computing. IT Professional, 12, 38. doi:10.1109/MITP.2009.89
Vincent Zhou (2009). Decentralized multi-dimensional alert correlation for collaborative intrusion detection. Journal of Network and Computer Applications, 32, 1106. doi:10.1016/j.jnca.2009.02.010
Wang C, Wang Q, Ren K, Lou W (2009). Ensuring data storage security in cloud computing. In: 17th International Workshop on Quality of Service (IWQoS), Charleston, SC, pp. 1–9.
Whitman (2011). Principles of Information Security. Course Technology Ptr, 315.
Wu (2010). The use of computational intelligence in intrusion detection systems: a review. Applied Soft Computing, 10, 1. doi:10.1016/j.asoc.2009.06.019
Xie (2011). Anomaly detection in wireless sensor networks: a survey. Journal of Network and Computer Applications, 34, 1302. doi:10.1016/j.jnca.2011.03.004
Xin W, Ting-lei H, Xiao-yu L (2010). Research on the intrusion detection mechanism based on cloud computing. In: 2010 International Conference on Intelligent Computing and Integrated Systems (ICISS), Guilin, pp. 125–8.
Xu (2008). Correlation analysis of intrusion alerts. 38.
Yue (2010). A cost-based analysis of intrusion detection system configuration under active or passive response. Decision Support Systems, 50, 21. doi:10.1016/j.dss.2010.06.001
Zargar ST, Takabi H, Joshi JBD (2011). DCDIDP: a distributed, collaborative, and data-driven intrusion detection and prevention framework for cloud computing environments. In: International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), Orlando, Florida.
Zeng (2009). A new intrusion detection method based on antibody concentration. Emerging Intelligent Computing Technology and Applications, 5755, 500.
Zhou (2010). A survey of coordinated attacks and collaborative intrusion detection. Computers & Security, 29, 124. doi:10.1016/j.cose.2009.06.008