AGENDA
- Cloud
- Intrusion Detection System
- Virtualization
- Proposed Model (HSVM)
- Q&A
WHAT IS CLOUD
CLOUD CHARACTERISTICS
- On-demand self-service
- Ubiquitous network access
- Location independent resource pooling
- Rapid elasticity
- Measured service
- Pay as you go
- Abstract resources
SERVICE MODELS
CONTROLLING
Host:
HP, Cisco, Amazon (AWS), IBM, GoGrid, Microsoft
API:
Sun, salesforce.com, Amazon, Windows Azure, Twilio
SaaS:
Skype, SAP, MobileMe, Vertica, Oracle, Google, Windows Live, salesforce.com
CLOUD TYPES
NEEDS OF SECURITY
- The cloud host and physical layer, in addition to the VMs, must be protected.
- Non-subvertibility: the system must resist compromised service users, and suspending the alarm system must be infeasible.
- Deployability: it must be possible to implement the system over the various available cloud architectures.
- Dynamic reaction: the system must be able to employ effective techniques to defeat attacks and intrusions with minimal effect on legitimate processes and functionality.
- Accountability: the security system must not affect the cloud's core functionality and applications, while it must log cloud activities to enable accountability.
Host-based IDSs
- Get audit data from host audit trails.
- Detect attacks against a single host.
Distributed IDSs
- Gather audit data from multiple hosts and from the network that connects them.
Network-Based IDSs
- Use network traffic as the audit data source
- Detect attacks from network.
Misuse detection:
- Uses signatures or patterns of known attacks.
- Needs experts to find new attack signatures to update the signature base.
- Needs frequent signature updates.
Anomaly detection:
- Detects unknown attacks using learning techniques.
- Flags deviation of abnormal behavior from normal behavior.
- Significant false-positive and false-negative rates compared to misuse detection.
Misuse detection
Anomaly detection
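An added example, not part of the original slides, that runs both detection approaches over the same events to show the trade-off listed above: the signature base misses an attack it has no pattern for, while the learned baseline catches it but also raises a false alarm and misses a known attack sent at a normal rate. The signatures, request lines and rates are constructed, and the requests-per-minute deviation score is an assumed stand-in for the "learning techniques" the slide mentions.

```python
import re
import statistics

# Signature base of known attack patterns (constructed; it must be updated by hand).
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-tautology": re.compile(r"'\s*or\s+1\s*=\s*1", re.IGNORECASE),
}

def misuse_detect(request):
    """Misuse detection: names of the known signatures that match the request."""
    return [name for name, pattern in SIGNATURES.items() if pattern.search(request)]

class AnomalyDetector:
    """Anomaly detection: learn normal requests/minute, flag large deviations."""

    def __init__(self, normal_rates, threshold=3.0):
        self.mean = statistics.mean(normal_rates)
        self.stdev = statistics.pstdev(normal_rates) or 1.0  # avoid divide-by-zero
        self.threshold = threshold

    def is_anomalous(self, rate):
        return abs(rate - self.mean) / self.stdev > self.threshold

# Constructed audit data: requests/minute observed during normal operation.
NORMAL_RATES = [12, 15, 11, 14, 13, 16, 12, 15]

# Constructed events: (description, request line, requests/minute, really an attack?)
EVENTS = [
    ("known attack", "GET /download?file=../../etc/passwd", 14, True),
    ("unknown attack", "GET /api/export?id=7", 240, True),
    ("nightly backup", "GET /backup/full", 60, False),
    ("normal browsing", "GET /index.html", 13, False),
]

def evaluate(events=EVENTS):
    """Run both detectors; return {description: (misuse_alert, anomaly_alert)}."""
    detector = AnomalyDetector(NORMAL_RATES)
    return {
        desc: (bool(misuse_detect(req)), detector.is_anomalous(rate))
        for desc, req, rate, _attack in events
    }

if __name__ == "__main__":
    for desc, req, rate, attack in EVENTS:
        misuse, anomaly = evaluate()[desc]
        print(f"{desc:16} attack={attack!s:5} misuse={misuse!s:5} anomaly={anomaly}")
```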
WHAT IS VIRTUALIZATION
- Reduces IT costs while increasing the efficiency, utilization and flexibility of existing computer hardware.
- Runs multiple operating systems and applications on the same server at the same time.
- Increases the utilization and flexibility of hardware.
VIRTUALIZATION PRODUCTS
- VMware (ESX, Server)
- Citrix (Xen)
- Sun xVM (VirtualBox)
- Microsoft (Hyper-V Server 2008)
- Parallels
- Virtual Iron
CONCEPT OF VIRTUALIZATION
[Figure: concept of virtualization, with three boxes labeled "OS"]
CLOUD LAYERS
- Cloud clients: web browser, mobile app, thin client, terminal emulator, ...
- SaaS: CRM, email, virtual desktop, communication, games, ...
- PaaS: execution runtime, database, web server, development tools, ...
- IaaS: virtual machines, servers, storage, load balancers, network, ...
PRIMARY VM
Process duplicator
VMM-Master
VMShadow
V-Basement Communicator
VMM-Master communicator
Inter-VMMMonitor
Firewall
VIRTUALIZATION BASEMENT