Show simple item record

AuthorKholidy, Hisham A.
AuthorErradi, Abdelkarim
AuthorAbdelwahed, Sherif
AuthorYousof, Ahmed M.
AuthorAli, Hisham Arafat
Available date2016-06-12T10:03:44Z
Publication Date2014
Publication NameProceedings of the 2014 IEEE/ACS International Conference on Computer Systems and Applications, AICCSA
CitationH. A. Kholidy, A. Erradi, S. Abdelwahed, A. M. Yousof and H. A. Ali, "Online risk assessment and prediction models for Autonomic Cloud Intrusion srevention systems," 2014 IEEE/ACS 11th International Conference on Computer Systems and Applications (AICCSA), Doha, 2014, pp. 715-722.
AbstractThe extensive use of virtualization in implementing cloud infrastructure brings unrivaled security concerns for cloud tenants or customers and introduces an additional layer that itself must be completely configured and secured. Intruders can exploit the large amount of cloud resources for their attacks. Most of the current security technologies do not provide the essential security features for cloud systems such as early warnings about future ongoing attacks, autonomic prevention actions, and risk measure. This paper discusses the integration of these three features to our Autonomic Cloud Intrusion Detection Framework (ACIDF). The early warnings are signaled through a new finite State Hidden Markov prediction model that captures the interaction between the attackers and cloud assets. The risk assessment model measures the potential impact of a threat on assets given its occurrence probability. The estimated risk of each security alert is updated dynamically as the alert is correlated to prior ones. This enables the adaptive risk metric to evaluate the cloud's overall security state. The prediction system raises early warnings about potential attacks to the autonomic component, controller. Thus, the controller can take proactive corrective actions before the attacks pose a serious security risk to the system. According to our experiments, both risk metric and prediction model have successfully signaled early warning alerts 39.6 minutes before the launching of the LLDDoS1.0 attack. This gives the system administrator or an autonomic controller ample time to take preventive measures.
SubjectAutonomic response
Subjectcloud computing
Subjectearly warning
SubjectHidden Markov models (HMM)
Subjectintrusion prediction
SubjectIntrusion prevention
Subjectonline risk assessment
Subjectsecurity of data
TitleOnline risk assessment and prediction models for Autonomic Cloud Intrusion srevention systems
TypeConference Paper

Files in this item


There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record