A Cloud Immune Security Model Based on Alert Correlation and Software Defined Network

被引:4
|
作者
Melo, Roberto Vasconcelos [1 ]
de Macedo, Douglas D. J. [2 ]
机构
[1] Univ Fed Sergipe, Dept Comp Sci, Aracaju, SE, Brazil
[2] Univ Fed Santa Catarina, Dept Informat Sci, Florianopolis, SC, Brazil
来源
2019 IEEE 28TH INTERNATIONAL CONFERENCE ON ENABLING TECHNOLOGIES: INFRASTRUCTURE FOR COLLABORATIVE ENTERPRISES (WETICE) | 2019年
关键词
Network Security; Correlation; Intrusion Detection; Artificial Immune Systems; Cloud; INTRUSION DETECTION;
D O I
10.1109/WETICE.2019.00019
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In this paper, we explore the AIS approach to develop an agent-based detection method to analyze network traffic. The system works in conjunction with attack graph based correlation and software-defined network (SDN) technology to mitigate attacks. In the correlation technique, alerts are correlated through an attack graph which improves detection performance by decreasing the false alert rate. The false alert reduction can avoid the negative effect that an SDN countermeasure can bring to the cloud Service Level Agreement (SLA) on the absence of threats. This work was tested for multi-step and distributed denial of service (DDoS) attacks. Results have shown the addition of the correlation technique can aid to the detection performance of AIS detection systems.
引用
收藏
页码:52 / 57
页数:6
相关论文
共 50 条
  • [1] ISM-AC: an immune security model based on alert correlation and software-defined networking
    Melo, Roberto Vasconcelos
    de Macedo, Douglas D. J.
    Kreutz, Diego
    De Benedictis, Alessandra
    Fiorenza, Mauricio Martinuzzi
    [J]. INTERNATIONAL JOURNAL OF INFORMATION SECURITY, 2022, 21 (02) : 191 - 205
  • [2] ISM-AC: an immune security model based on alert correlation and software-defined networking
    Roberto Vasconcelos Melo
    Douglas D. J. de Macedo
    Diego Kreutz
    Alessandra De Benedictis
    Mauricio Martinuzzi Fiorenza
    [J]. International Journal of Information Security, 2022, 21 : 191 - 205
  • [3] Cloud Security Solution Based on Software Defined Network
    Zhao, Shengli
    Li, Zhaochan
    Cao, Ning
    [J]. CYBERSPACE SAFETY AND SECURITY, PT I, 2020, 11982 : 562 - 574
  • [4] Security Solution for Cloud Based on Software Defined Networking
    Patrascu, Naina
    Dartu, Alina
    Cornea, Tudor
    Obreja, Serban Georgica
    Ciurezu, Marina
    Brumaru, Alexandru
    [J]. 2021 IEEE INTERNATIONAL BLACK SEA CONFERENCE ON COMMUNICATIONS AND NETWORKING (IEEE BLACKSEACOM), 2021, : 37 - 42
  • [5] Research on Security Service Model of Software Defined Network
    Wang, Lei
    Cao, Can
    Xie, SiJiang
    Li, Chen
    [J]. 2022 6TH INTERNATIONAL SYMPOSIUM ON COMPUTER SCIENCE AND INTELLIGENT CONTROL, ISCSIC, 2022, : 347 - 351
  • [6] Risk based Security Enforcement in Software Defined Network
    Tripathy, Bata Krishna
    Das, Debi Prasad
    Jena, Swagat Kumar
    Bera, Padmalochan
    [J]. COMPUTERS & SECURITY, 2018, 78 : 321 - 335
  • [7] An Experimental Software Defined Security Controller for Software Defined Network
    Al-Zewairi, Malek
    Suleiman, Dima
    Almajali, Sufyan
    [J]. 2017 FOURTH INTERNATIONAL CONFERENCE ON SOFTWARE DEFINED SYSTEMS (SDS), 2017, : 32 - 36
  • [8] OpCloudSec: Open cloud software defined wireless network security for the Internet of Things
    Sharma, Pradip Kumar
    Singh, Saurabh
    Park, Jong Hyuk
    [J]. COMPUTER COMMUNICATIONS, 2018, 122 : 1 - 8
  • [9] On Security in Software-Defined Vehicular Cloud
    Kim, Myeongsu
    Jang, Insun
    Choo, Sukjin
    Pack, Sangheon
    [J]. 2016 INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY CONVERGENCE (ICTC 2016): TOWARDS SMARTER HYPER-CONNECTED WORLD, 2016, : 1259 - 1260
  • [10] A ZigBee Software Defined Network Security
    Basabi, Alireza Ebrahimi
    He, Jingsha
    Hashemi, Seyed Mahmood
    Xuan, Xinggang
    Pathan, Muhammad Salman
    Zardari, Zulfiqar Ali
    [J]. International Journal of Network Security, 2022, 24 (01) : 11 - 19
12345