Anomaly Detection System in Secure Cloud Computing Environment

Full Text (PDF, 939KB), PP.10-21


Author(s)

Zhengbing Hu 1,*, Sergiy Gnatyuk 2, Oksana Koval 2, Viktor Gnatyuk 2, Serhii Bondarovets 2

1. School of Educational Information Technology, Central China Normal University, Wuhan, China

2. National Aviation University, IT-Security Academic Dept, Kyiv, Ukraine

* Corresponding author.

DOI: https://doi.org/10.5815/ijcnis.2017.04.02

Received: 1 Oct. 2016 / Revised: 1 Dec. 2016 / Accepted: 15 Jan. 2017 / Published: 8 Apr. 2017

Index Terms

Anomaly Detection, Big Data, Information Security, Data Analysis, Machine Learning, Signature Detection, Data Center, Cloud Computing, Vulnerability, Security, Technology Architecture, Threat Model

Abstract

The continuous growth in the use of information technologies in the modern world causes a gradual increase in the amount of data circulating in information and telecommunication systems. This creates an urgent need for large-scale data storage and accumulation facilities and generates many new threats that are not easy to detect. The task of accumulating and storing data is solved by datacenters, tools that are able to provide and automate any business process. At present, almost all service providers use a quite promising technology for building datacenters, Cloud Computing, which has some advantages over its traditional counterparts. Nevertheless, the problem of protecting the provider's data is so large that the risk of losing all your data in the "cloud" is almost constant. This makes it necessary to process large amounts of data in real time and to give quick notification of possible threats. Therefore, it is reasonable to implement in the data center network an intelligent system that is able to process large datasets and detect possible breaches. Usual threat detection methods are signature-based; their main idea is to compare incoming traffic with databases of known threats. However, such methods become ineffective when the threat is new and has not yet been added to the database. In that case, it is preferable to use intelligent methods that are capable of tracking any unusual activity in a specific system: anomaly detection methods. However, a signature module will detect known threats faster, so it is logical to include it in the system too. Big Data methods and tools (e.g. distributed file systems, parallel computing on many servers) will provide the speed of such a system and allow it to process data dynamically. This paper aims to demonstrate the developed anomaly detection system in a secure cloud computing environment, give its theoretical description and conduct an appropriate simulation. The results demonstrate that the developed system provides a high percentage (>90%) of anomaly detection in a secure cloud computing environment.

Cite This Paper

Zhengbing Hu, Sergiy Gnatyuk, Oksana Koval, Viktor Gnatyuk, Serhii Bondarovets, "Anomaly Detection System in Secure Cloud Computing Environment", International Journal of Computer Network and Information Security (IJCNIS), Vol. 9, No. 4, pp. 10-21, 2017. DOI: 10.5815/ijcnis.2017.04.02
