An Autonomous Agent Based Incident Detection System for Cloud Environments

Doelitzscher, Frank; Reich, Christoph; Knahl, Martin; Clarke, Nathan

doi:10.1109/cloudcom.2011.35

Cited by 24 publications

(25 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Santos et al [20] address the problem of creating a trustworthy cloud infrastructure by giving the cloud user an opportunity to verify the confidentiality and integrity of his own data and VMs. Doelitzscher et al [7] designed a security audit system for IaaS. This means that trust into a cloud infrastructure can be enforced not only by contracts (SLAs), but also by technical mechanisms.…”

Section: System Model and Security Assumptionsmentioning

confidence: 99%

See 1 more Smart Citation

Network Forensics for Cloud Computing

Gebhardt

Reiser

2013

Distributed Applications and Interoperable Systems

View full text Add to dashboard Cite

Abstract.Computer forensics involves the collection, analysis, and reporting of information about security incidents and computer-based criminal activity. Cloud computing causes new challenges for the forensics process. This paper addresses three challenges for network forensics in an Infrastructure-as-a-Service (IaaS) environment: First, network forensics needs a mechanism for analysing network traffic remotely in the cloud. This task is complicated by dynamic migration of virtual machines. Second, forensics needs to be targeted at the virtual resources of a specific cloud user. In a multi-tenancy environment, in which multiple cloud clients share physical resources, forensics must not infringe the privacy and security of other users. Third, forensic data should be processed directly in the cloud to avoid a costly transfer of huge amounts of data to external investigators. This paper presents a generic model for network forensics in the cloud and defines an architecture that addresses above challenges. We validate this architecture with a prototype implementation based on the OpenNebula platform and the Xplico analysis tool.

show abstract

Section: System Model and Security Assumptionsmentioning

confidence: 99%

“…Clients and the service calls are realized with the tool ab 7 . For each VM, the web service is called 2,500 times with 25 concurrent requests.…”

Section: Performance Evaluationmentioning

confidence: 99%

Network Forensics for Cloud Computing

Gebhardt

Reiser

2013

Distributed Applications and Interoperable Systems

View full text Add to dashboard Cite

show abstract

“…The challenges are quite well understood, with a major one regarding categorising the "normal region" and deciding whether or not an anomaly is of malicious character. With respect to related work, we are unaware of such on devising algorithms for detecting behavioural anomalies in cloud based audit systems; with Doelitzscher et al [Doelitzscher et al, 2011] noting this as future work. In later work, the same authors applied neural networks to learn a behavioural model of the user [Doelitzscher et al, 2013].…”

Section: Introductionmentioning

confidence: 99%

Anomaly Detection for Soft Security in Cloud based Auditing of Accounting Systems

Neovius

Duncan²

2017

Proceedings of the 7th International Conference on Cloud Computing and Services Science

View full text Add to dashboard Cite

Abstract:Achieving information security in the cloud is not a trivial exercise. When the systems involved are accounting software systems, this becomes much more challenging in the cloud, due both to the systems architecture in use, the challenges of proper configuration, and to the multiplicity of attacks that can be made against such systems. A particular issue for accounting systems concerns maintaining a proper audit trail in order that an adequate level of audit may be carried out on the accounting records contained in the system. In this paper we discuss the implications of the traditional approach to such systems and propose a complementary soft security solution relying on detecting behavioural anomalies by evidence theory. The contribution is in conceptualising the anomalies and providing a somewhat theoretical solution for a difficult and challenging problem. The proposed solution is applicable within any domain consisting of rigorous processes and risk of tampering or data exfiltration, such as the cloud based accounting systems.

show abstract

“…Doelitzscher et al [71] emphasize security as a major research area in cloud computing. They also highlight the lack of flexibility of classic intrusion detection mechanisms to handle virtualized environments, suggesting the use of special security audit tools associated to business flow modeling through security SLAs.…”

Section: Books Papers and Other Publicationsmentioning

confidence: 99%

A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing

Gonzalez

Miers

Redígolo

et al. 2011

2011 IEEE Third International Conference on Cloud Computing Technology and Science

View full text Add to dashboard Cite

The development of cloud computing services is speeding up the rate in which the organizations outsource their computational services or sell their idle computational resources. Even though migrating to the cloud remains a tempting trend from a financial perspective, there are several other aspects that must be taken into account by companies before they decide to do so. One of the most important aspect refers to security: while some cloud computing security issues are inherited from the solutions adopted to create such services, many new security questions that are particular to these solutions also arise, including those related to how the services are organized and which kind of service/data can be placed in the cloud. Aiming to give a better understanding of this complex scenario, in this article we identify and classify the main security concerns and solutions in cloud computing, and propose a taxonomy of security in cloud computing, giving an overview of the current status of security in this emerging technology.

show abstract

An Autonomous Agent Based Incident Detection System for Cloud Environments

Cited by 24 publications

References 10 publications

Network Forensics for Cloud Computing

Network Forensics for Cloud Computing

Anomaly Detection for Soft Security in Cloud based Auditing of Accounting Systems

A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing

Contact Info

Product

Resources

About