A New Secure Network Architecture to Increase Security Among Virtual Machines in Cloud Computing

Elmrabet, Zakaria; Elghazi, Hamid; Sadiki, Tayeb; Elghazi, Hassan

doi:10.1007/978-981-287-990-5_9

Cited by 9 publications

(4 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Para download de dados pelo usuário, os dados são criptografados de ponta a ponta com base em criptografia de chave pública, além de nós de computação multi-CPU (unidade de processamento central) e multiGPU (unidade de processamento gráfico) [17].…”

Section: Apresentar Técnicas De Proteção Dos Dados Armazenados Em Nuvemunclassified

Benefícios da tecnologia CLOUD (nuvem) para virtualização de serviços: um estudo para a ferramenta IDEAWARE

et al. 2021

View full text Add to dashboard Cite

Novas tendências de negócios e formas de trabalho emergem conforme a evolução das tecnologias. Uma dessas tecnologias refere-se à virtualização de serviços, que é uma ferramenta disponibilizada pela computação em nuvem, que traz ganhos, principalmente, em competitividade. Desenvolvido por um grupo de pesquisa da Universidade de Santa Cruz do Sul (UNISC), o IdeiaWare é uma ferramenta de gerenciamento de ideias voltada, principalmente, ao desenvolvimento e inovação de produtos e serviços. A base de dados do software está hospedada em um servidor local na própria universidade e pode ser acessada via um endereço web. Hipóteses de disponibilizar o serviço na nuvem foram consideradas, mas questões como vantagens e segurança surgiram como dúvidas para tal proposta. Sendo assim, esse trabalho realizou uma pesquisa na base de dados Scopus, com os termos “virtualização de serviços”, “nuvem” e “segurança”, com o intuito de responder tais questionamentos. Como resultados dos estudos realizados, as vantagens de disponibilizar o serviço na Nuvem são: redução de custos, grande área de cobertura e serviço sob demanda. Também são destacadas maneiras de proteção de dados, de acordo com os trabalhos estudados.

show abstract

Section: Apresentar Técnicas De Proteção Dos Dados Armazenados Em Nuvemunclassified

Benefícios da tecnologia CLOUD (nuvem) para virtualização de serviços: um estudo para a ferramenta IDEAWARE

et al. 2021

View full text Add to dashboard Cite

show abstract

“…Ren et al [15] analyzed the security threats and challenges virtual machines faced and presented several typical attacks to virtual machine on the Xen platform. Elmrabet et al [16] proposed a new three-layer security architecture, which is composed of virtual switch, virtual firewall, and VLANs, to prevent attacks to virtual machines, such as sniffing, spoofing, and mac flooding. Sathya et al [17] introduced a trusted model for VM security in cloud computing.…”

Section: Related Workmentioning

confidence: 99%

An Access Control Model for Preventing Virtual Machine Hopping Attack

Dong

Zhou

2019

Future Internet

View full text Add to dashboard Cite

As a new type of service computing model, cloud computing provides various services through the Internet. Virtual machine (VM) hopping is a security issue often encountered in the virtualization layer. Once it occurs, it directly affects the reliability of the entire computing platform. Therefore, we have thoroughly studied the virtual machine hopping attack. In addition, we designed the access control model PVMH (Prevent VM hopping) to prevent VM hopping attacks based on the BLP model and the Biba model. Finally, we implemented the model on the Xen platform. The experiments demonstrate that our PVMH module succeeds in preventing VM hopping attack with acceptable loss to virtual machine performance.

show abstract

“…Despite the wide variety of industrial cyber-attacks, they usually attempt to compromise these three security parameters: confidentiality, availability, and integrity [11]. The first class of attacks which target the confidentiality includes attacks such as Traffic analysis attack [17], Modbus network scanning [2], and DNP3 network scanning [7] which target the two industrial protocol Modbus and DNP3, respectively.…”

Section: Introductionmentioning

confidence: 99%

“…Finally, we propose a network architecture to deploy the proposed anomalybased intrusion detection system across the Advanced Metering Infrastructure network. In addition, we propose a network security architecture composed of two types of Intrusion detection system types, Host and Network-based, deployed across the Advanced Metering Infrastructure network to inspect the traffic and detect the malicious one at all the levels.Despite the wide variety of industrial cyber-attacks, they usually attempt to compromise these three security parameters: confidentiality, availability, and integrity [11]. The first class of attacks which target the confidentiality includes attacks such as Traffic analysis attack [17], Modbus network scanning [2], and DNP3 network scanning [7] which target the two industrial protocol Modbus and DNP3, respectively.…”

mentioning

confidence: 99%

Deep Learning-Based Intrusion Detection System for Advanced Metering Infrastructure

Mrabet

Ezzari

Elghazi

et al. 2019

Proceedings of the 2nd International Conference on Networking, Information Systems &Amp; Security

Self Cite

View full text Add to dashboard Cite

Smart grid is an alternative solution of the conventional power grid which harnesses the power of the information technology to save the energy and meet today's' environment requirements. Due to the inherent vulnerabilities in the information technology, the smart grid is exposed to a wide variety of threats that could be translated into cyber-attacks. In this paper, we develop a deep learning-based intrusion detection system to defend against cyber-attacks in the advanced metering infrastructure network. The proposed machine learning approach is trained and tested extensively on an empirical industrial dataset which is composed of several attack' categories including the scanning, buffer overflow, and denial of service attacks. Then, an experimental comparison in terms of detection accuracy is conducted to evaluate the performance of the proposed approach with Naïve Bayes, Support Vector Machine, and Random Forest. The obtained results suggest that the proposed approaches produce optimal results comparing to the other algorithms. Finally, we propose a network architecture to deploy the proposed anomalybased intrusion detection system across the Advanced Metering Infrastructure network. In addition, we propose a network security architecture composed of two types of Intrusion detection system types, Host and Network-based, deployed across the Advanced Metering Infrastructure network to inspect the traffic and detect the malicious one at all the levels.Despite the wide variety of industrial cyber-attacks, they usually attempt to compromise these three security parameters: confidentiality, availability, and integrity [11]. The first class of attacks which target the confidentiality includes attacks such as Traffic analysis attack [17], Modbus network scanning [2], and DNP3 network scanning [7] which target the two industrial protocol Modbus and DNP3, respectively. The second category of attacks which target the availability of the system includes attack such as Puppet attack [25], the Time delay switch attack and the Time synchronization attack [27] which are considered as a denial of service attack. The third category of attacks includes the false data injection attack, popping the Home Machine Interface (HMI) [17], Masquerade attack [17], and jamming attack [13].Defending against these various cyber-attacks in a distributed and heterogeneous system, such as smart grid, is challenging. The smart grid consists of several system and protocols including the supervisory and control and data acquisition (SCADA), the demand response system, the automation substation, and the advanced metering infrastructure (AMI). In this paper, we will focus on defending against cyber-attacks in the AMI network because it constitutes the main connection point between the Home Area Network (HAN) with the Neighborhood Area Network (NAN) and the Wide Area Network (WAN). The AMI Advanced metering infrastructure (AMI) is responsible for collecting, measuring and analyzing energy, water, and gas usage. It allows two-way communication from th...

show abstract

A New Secure Network Architecture to Increase Security Among Virtual Machines in Cloud Computing

Cited by 9 publications

References 7 publications

Benefícios da tecnologia CLOUD (nuvem) para virtualização de serviços: um estudo para a ferramenta IDEAWARE

Benefícios da tecnologia CLOUD (nuvem) para virtualização de serviços: um estudo para a ferramenta IDEAWARE

An Access Control Model for Preventing Virtual Machine Hopping Attack

Deep Learning-Based Intrusion Detection System for Advanced Metering Infrastructure

Contact Info

Product

Resources

About