Intrusion Detection and Prevention Systems In the Cloud Environment

Abdulazeez, MB
(2017) Intrusion Detection and Prevention Systems In the Cloud Environment. Doctor of Philosophy thesis, University of Liverpool.

[thumbnail of 201012861_Aug2017.pdf] Text
201012861_Aug2017.pdf - Unspecified

Download (2MB)


Cloud computing provides users with computing resources on demand. Despite the recent boom in adoption of cloud services, security remains an important issue. The aim of this work is to study the structure of cloud systems and propose a new security architecture in protecting cloud against attacks. This work also investigates auto-scaling and how it affects cloud computing security. Finally, this thesis studies load balancing and scheduling in cloud computing particularly when some of the workload is faulty or malicious. The first original contribution proposes a hierarchical model for intrusion detection in the cloud environment. Finite state machines (FSM) of the model were produced and verified then analyzed using probabilistic model checker. Results indicate that given certain conditions the proposed model will be in a state that efficiently utilize resources despite the presence of attack. In this part of work how cloud handles failure and its relationship to auto-scaling mechanisms within the cloud has been investigated. The second original contribution proposes a lightweight robust scheduling algorithm for load balancing in the cloud. Here some of the traffic is not reliable. Formal analysis of the algorithm were conducted and results showed that given some arrival rates of both genuine and malicious traffic average queues will stabilize, i.e. they will not grow to infinity. Experimental results studied both queues and latency, and they showed that under the same conditions naive algorithms do not stabilize. The algorithm was then extended to decentralized settings where servers maintain separate queues. In this approach when a job arrives, a dispatching algorithm is used to decide which server to send it to. Different dispatching algorithms were proposed and experimental results indicate that the new algorithms perform better than some of the existing algorithms. The results were further extended to heterogeneous (servers with different configuration) settings and it was shown that some algorithms that were stable in homogeneous setting are not stable under this setting. Simulations monitoring queue sizes confirmed that some algorithms which are stable in homogeneous setting, are not stable under this setting. It is hoped that this study with inform and enlighten cloud service providers about new ways to improve the security of the cloud in the presence of failure/attacks.

Item Type: Thesis (Doctor of Philosophy)
Divisions: Faculty of Science and Engineering > School of Electrical Engineering, Electronics and Computer Science
Depositing User: Symplectic Admin
Date Deposited: 14 Dec 2017 16:05
Last Modified: 16 Jan 2024 17:21
DOI: 10.17638/03009224