Security event correlation approach for cloud computing Online publication date: Wed, 30-Jul-2014
by Massimo Ficco
International Journal of High Performance Computing and Networking (IJHPCN), Vol. 7, No. 3, 2013
Abstract: Cloud computing is a new business model, which represents an opportunity for users, companies, and public organisations to reduce costs and increase efficiency, as well as an alternative way for providing services and resources. In this pay-by-use model, security plays a key role. Cyber attacks are a serious danger, which can compromise the quality of the service delivered to the customers, as well as the costs of the provided cloud resources and services. In this paper, a hybrid and hierarchical event correlation approach for intrusion detection in cloud computing is presented. It consists of detecting intrusion symptoms by collecting diverse information at several cloud architectural levels, using distributed security probes, as well as performing complex event analysis based on a complex event processing engine. The escalation process from intrusion symptoms to the identified cause and target of the intrusion is driven by a knowledge-base represented by an ontology. A prototype implementation of the proposed intrusion detection solution is also presented.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of High Performance Computing and Networking (IJHPCN):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com