HIDCC: A hybrid intrusion detection approach in cloud computing

摘要

The rapid growth of distributed computing systems that heavily communicate and interact withrneach other has raised the importance of confrontation against cyber intruders, attackers, andrnsubversives. With respect to the emergence of cloud computing and its deployment all over thernworld, and because of its distributed and decentralized nature, a special security requirementrnis needed to protect this paradigm. Intrusion detection systems could differentiate usual andrnunusual behaviors by means of supervising, verifying, and controlling the configurations, log files,rnnetworktraffic,user activities,andeventheactions of different processesby which they could addrnnew security dimensions to the cloud computing systems. The position of the intrusion detectionrnmechanisms in cloud computing systems as well as the applied algorithms in those mechanismsrnare the 2main factors in whichmany researches have focused on. The goal of those researches isrntouncover intrusions asmuchas possible andto increase the rate andaccuracy of detections whilernreducing the false warnings. Those solutions, however,mainly have high computational loads, lowrnaccuracy, and high implementation costs. In this paper, we present a comprehensive and accuraternsolution to detect and prevent intrusions in cloud computing systems by using a hybrid method,rncalled HIDCC. The implementation results of the proposed method show that the intrusion coverage,rnintrusion detection accuracy, reliability, and availability in cloud computing systems arernconsiderably increased, and falsewarnings are significantly reduced.