A Framework for Intrusion Tolerance in Cloud Computing

Karande, Vishal; Pais, Alwyn Roshan

doi:10.1007/978-3-642-22726-4_41

Cited by 6 publications

(5 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The Framework for intrusion tolerance in Cloud Computing in [9] is obtained by utilizing and adapting the existing MAFTIA intrusion tolerance framework in the Cloud Computing environment to ensure availability, integrity, and confidentiality.…”

Section: A Framework For Intrusion Tolerance In Cloud Computingmentioning

confidence: 99%

“…In [9], the authors propose intrusion tolerance framework, which is based on the layered design of Cloud Computing architecture: User Level, Middleware, and System Level. The framework is composed of components such as:…”

Section: A Framework For Intrusion Tolerance In Cloud Computingmentioning

confidence: 99%

“…MAFTIA [5] SCIT [6] ACT [7] Hybrid Recovery-Based ITS [8] Framework for IT [9] IT Through Flow Monitoring [10] Fault-Tolerant and Consistent SDN Controller [11] ITC [12] In this paper, we have presented an analysis of several Intrusion Tolerant Systems in Cloud Computing and SDN. In sum, we have described each architecture, its characteristics, and its techniques used to tolerate intrusions, and have made a brief analysis compared to the different approaches proposed in [3]: Detection-Triggered, Algorithm-Driven, and Recovery Based, in a try to classify each approach.…”

mentioning

confidence: 99%

See 2 more Smart Citations

Survey on Intrusion Tolerant Systems in Emerging Technologies

Sanoussi,

Orhanou

2024

ITM Web Conf.

View full text Add to dashboard Cite

The wide spread of the Internet leads to the expansion of networks and the increase of data. For this reason, the use of emerging technologies became a necessity to cover the needs and the lapses in traditional systems. However, these systems might reveal security flaws and become vulnerable to attacks. Security is therefore essential to ensure the confidentiality, integrity, and availability of system data and services. As the attacks get more sophisticated, the protection gets more difficult. In fact, mechanisms such as Firewalls, IDSs, and IPSs are still ineffective against unknown attacks. Consequently, defense-in-depth security should include intrusion tolerance. The concern of intrusion tolerance is not how to defend or detect the intrusion, but how to mask or restrain the intrusion when the network has been intruded. Using three separate lines of approaches: Detection-Triggered, Algorithm-Driven, and Recovery Based, this paper will present, analyze, and contrast several works in two different environments: Cloud Computing and Software Defined Networks (SDNs), to proceed towards Intrusion Tolerant Systems (ITSs).

show abstract

Section: A Framework For Intrusion Tolerance In Cloud Computingmentioning

confidence: 99%

Section: A Framework For Intrusion Tolerance In Cloud Computingmentioning

confidence: 99%

mentioning

confidence: 99%

See 1 more Smart Citation

Survey on Intrusion Tolerant Systems in Emerging Technologies

Sanoussi,

Orhanou

2024

ITM Web Conf.

View full text Add to dashboard Cite

show abstract

“…Karande et al [11] presented a framework for connecting available MAFTIA (Malicious and Accidental Fault Tolerance for Internet Application) intrusion tolerance for dependency like safety, maintainability, integrity, reliability, authenticity and availability in anenvironmentof cloud computing. MAFTIA was the first initiative to apply the acceptancepattern consistently to the reliability of whole significantclaims in aggressive environments, rather than merely isolated mechanisms of such systems.…”

Section: State-of-art Work For Intrusion Detection and Diagnosis For ...mentioning

confidence: 99%

Deep reinforcement learning based automatic intrusion detection and diagnosis approach for cloud computing attacks

Reddy Palle

2023

IJERMCA

View full text Add to dashboard Cite

The expansion of cloud computing settings is undergoing a major boom in the contemporary period, receiving widespread support. The rising ubiquity of Internet-connected gadgets adds to the construction of a complex network in which data is automatically collected from the environment via sensors and easily relayed over the internet without direct human interaction. Because of the adaptability of cloud computing, this networked environment enables seamless interactions between humans and real-world applications. Cloud computing technologies serve a critical role in addressing numerous demands, enriching both social and business worlds, by operating across varied areas such as healthcare, education, agriculture, and commerce. Nonetheless, the vulnerability of cloud computing to attacks remains a major worry, owing mostly to resource constraints and inherent weaknesses.We provide a novel technique for automated intrusion detection and diagnosis in cloud computing assaults that makes use of deep reinforcement learning (DRL). The first phase involves analyzing the cloud server using the modified bird swarm optimization (MBSO) method. The goal of this method is to identify and optimize aspects that are critical for intrusion detection and diagnosis. Furthermore, we use deep reinforcement learning algorithms to identify and diagnose intrusions within the cloud computing infrastructure. The future method's performance is then evaluated and connected with existing techniques utilizing benchmark cloud datasets from UNM (University of New Mexico). The findings demonstrate the efficacy of our MBSO-DRL method, with a maximum detection rate of 97.373% and a minimum error rate of 10.871%. This demonstrates the resilience and efficiency of our proposed deep reinforcement learning-based solution to improving cloud computing environment security against attacks.

show abstract

“…One well known architecture is MAFTIA (Malicious and Accidental Tolerance Intrusion Architecture [Stroud et al, 2004]). The framework presented in [Karande et al, 2011] leverages the MAFTIA framework for cloud platforms. The detection relies on event analysis, while the intrusion detection is based on threshold cryptography.…”

Section: Attack Tolerance Techniquesmentioning

confidence: 99%

Attack Tolerance for Services-Based Applications in the Cloud

Ouffoué

Zaïdi

Cavalli

2019

Testing Software and Systems

View full text Add to dashboard Cite

Web services allow the communication of heterogeneous systems on the Web. These facilities make them particularly suitable for deploying in the cloud. Although research on formalization and verification has improved trust in Web services, issues such as high availability and security are not fully addressed since the solutions proposed are sometimes attack-specific. In addition, Web services deployed in cloud infrastructures inherit their vulnerabilities. For example when different tenants in a cloud platform consume the same instance of the service, attacks such as side-channel can be performed by malicious tenants. Because of this limitation, they may be unable to perform their tasks perfectly. In this thesis, we claim that a good tolerance requires attack detection and continuous monitoring on the one hand; and reliable reaction mechanisms on the other hand. We therefore proposed a new formal monitoring methodology that takes into account the risks that our services may face. To implement this methodology, we first developed an approach of attack tolerance that leverages model-level diversity. We define a model of the system and derive more robust functionally equivalent variants that can replace the first one in case of attack. To avoid manually deriving the variants and to increase the level of diversity, we proposed a second complementary approach. The latter still consists in having different variants of our services; but unlike the first, we have a single model and the implementations differ at the language, source code and binaries levels. Moreover, to ensure detection of insider attacks, we investigated a new detection and reaction mechanism based on software reflection. While the program is running, we analyze the methods to detect malicious executions. When these malicious activities are detected, using reflection again, new efficient implementations are generated as a countermeasure. Finally, we leveraged a formal Web service testing framework by incorporating these complementary mechanisms in order to take advantage of the benefits of each of them. iii Résumé Les services Web permettent la communication de systèmes hétérogènes sur le Web. Ces facilités font que ces services sont particulièrement adaptés au déploiement dans le cloud. Les efforts de formalisation et de vérification permettent d'améliorer la confiance dans les services Web, néanmoins des problèmes tels que la haute disponibilité et la sécurité ne sont pas entièrement pris en compte. Par ailleurs, les services Web déployés dans une infrastructure cloud héritent des vulnérabilités de cette dernière. En raison de cette limitation, ils peuvent être incapables d'exécuter parfaitement leurs tâches. Dans cette thèse, nous pensons qu'une bonne tolérance nécessite un monitoring constant et des mécanismes de réaction fiables. Nous avons donc proposé une nouvelle méthodologie de monitoring tenant compte des risques auxquels peuvent être confrontés nos services. Pour mettre en oeuvre cette méthodologie, nous avons d'abord développé une méthode de ...

show abstract

A Framework for Intrusion Tolerance in Cloud Computing

Cited by 6 publications

References 5 publications

Survey on Intrusion Tolerant Systems in Emerging Technologies

Survey on Intrusion Tolerant Systems in Emerging Technologies

Deep reinforcement learning based automatic intrusion detection and diagnosis approach for cloud computing attacks

Attack Tolerance for Services-Based Applications in the Cloud

Contact Info

Product

Resources

About