Abstract
This paper details a robust collaborative intrusion detection methodology for detecting attacks within a Cloud federation. The model is proactive, and responsibility for managing the elements of the Cloud is distributed among several monitoring nodes. Because there is a wide range of elements to manage, complexity grows proportionally with the size of the Cloud, so a suitable communication and monitoring hierarchy is adopted. Our architecture consists of four major entities: the Cloud Broker, the monitoring nodes, the local coordinator (Super Nodes), and the global coordinator (Command and Control server - C2). Incorporating monitoring nodes into our architecture enhances performance and response time, while also achieving higher accuracy and a broader spectrum of protection. For collaborative intrusion detection, we use the Dempster-Shafer theory of evidence via the role of the Cloud Broker. Dempster-Shafer executes as a main fusion node, whose role is to collect and fuse the information provided by the monitors and to take the final decision regarding a possible attack.
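The fusion step described in the abstract can be sketched with Dempster's rule of combination. This is an added example, not code from the paper: the two-hypothesis frame, the monitor mass values, the function names and the 0.7 decision threshold are all assumptions made for illustration.

```python
from itertools import product

ATTACK = frozenset({"attack"})
NORMAL = frozenset({"normal"})
THETA = ATTACK | NORMAL  # whole frame: mass here means "monitor is unsure"

# Constructed sample reports from three monitoring nodes (not from the paper).
MONITOR_REPORTS = [
    {ATTACK: 0.6, NORMAL: 0.1, THETA: 0.3},
    {ATTACK: 0.7, NORMAL: 0.1, THETA: 0.2},
    {ATTACK: 0.2, NORMAL: 0.5, THETA: 0.3},  # dissenting monitor
]

def combine(m1, m2):
    """Dempster's rule: returns (fused mass function, conflict K)."""
    fused, conflict = {}, 0.0
    for (a, wa), (b, wb) in product(m1.items(), m2.items()):
        common = a & b
        if common:
            fused[common] = fused.get(common, 0.0) + wa * wb
        else:
            conflict += wa * wb  # mass assigned to contradictory hypotheses
    if conflict >= 1.0 - 1e-12:
        raise ValueError("total conflict: reports cannot be combined")
    return {h: w / (1.0 - conflict) for h, w in fused.items()}, conflict

def fuse(reports):
    """Fold all monitor reports into one mass function at the fusion node."""
    fused = reports[0]
    for report in reports[1:]:
        fused, _ = combine(fused, report)
    return fused

def belief(m, hyp):
    """Mass that strictly supports hyp (focal sets contained in hyp)."""
    return sum(w for h, w in m.items() if h <= hyp)

def plausibility(m, hyp):
    """Mass that does not contradict hyp (focal sets intersecting hyp)."""
    return sum(w for h, w in m.items() if h & hyp)

def decide(m, threshold=0.7):
    """Assumed decision rule: alert when Bel(attack) reaches the threshold."""
    return belief(m, ATTACK) >= threshold

if __name__ == "__main__":
    fused = fuse(MONITOR_REPORTS)
    print("Bel(attack) =", round(belief(fused, ATTACK), 4))
    print("Pl(attack)  =", round(plausibility(fused, ATTACK), 4))
    print("alert       =", decide(fused))
```

A conflict value K close to 1 means the monitors contradict each other almost completely, and the normalised result is then dominated by whatever small agreement remains, so a fusion node should log K alongside the decision.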
Acknowledgements
The work reported in this paper is partly supported under the Newton Research Collaboration Programme by the Royal Academy of Engineering.
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
MacDermott, Á., Shi, Q., Kifayat, K. (2017). Distributed Attack Prevention Using Dempster-Shafer Theory of Evidence. In: Huang, DS., Hussain, A., Han, K., Gromiha, M. (eds) Intelligent Computing Methodologies. ICIC 2017. Lecture Notes in Computer Science(), vol 10363. Springer, Cham. https://doi.org/10.1007/978-3-319-63315-2_18
DOI: https://doi.org/10.1007/978-3-319-63315-2_18
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-63314-5
Online ISBN: 978-3-319-63315-2
eBook Packages: Computer Science, Computer Science (R0)