Proxy Network Intrusion Detection System for Cloud Computing

Cloud computing is the state of the art approach of information technologies. While migrating from conventional data centers to cloud computing paradigm, administrators have to consider costs. Security is one of the biggest problems for all information technologies and also in cloud computing. Some mechanisms are used such as antivirus software, firewall, guard systems or intrusion detection/prevention systems to increase the system security. The main handicap of these mechanisms is extensive usage of hardware, especially CPU and memory. In this paper, we examine the hardware usage of Network Intrusion Detection Systems (NIDSs) with different network architectures. Although the virtualization is preferred by the most of the providers, we chose a virtualized environment as our test bed because of its easier implementation structure from other cloud technologies such as grid and blade architectures. We focused on a proxy NIDS architecture, which is a gateway-based approach (intrusion detection assignment carried out by an outer entity, so why we called it proxy) and has less hardware requirements than other positioning options. It is aimed to show an effective location to IDSs in a virtualized environment. As a result, both providers and customers can easily decide where to locate their defense mechanism.