Self-adaptable Security Monitoring for IaaS Cloud Environments

Abstract : Rapid elasticity and automatic provisioning of virtual resources are some of the main characteristics of laaS clouds. The dynamic nature of laaS clouds is translated to frequent changes that refer to different levels of the virtual infrastructure. Due to the critical and sometimes private information hosted in tenant virtual infrastructures, security monitoring is of great concern for both tenants and the provider. Unfortunately, the dynamic changes affect the ability of a security monitoring framework to successfully detect attacks that target cloud-hosted virtual infrastructures. In this thesis we have designed a self-adaptable security monitoring framework for laaS cloud environments that is designed to adapt its components based on different changes that occur in a virtual infrastructure. Our framework has two instantiations focused on different security devices: SAIDS, a scalable network intrusion detection system, and AL-SAFE, an introspection-based application-level firewall. We have evaluated our prototype focusing on performance, cost and security for both tenants and the provider. Our results demonstrate that our prototype imposes a tolerable overhead while providing accurate detection results.
Document type :
Theses
Complete list of metadatas

Cited literature [71 references]  Display  Hide  Download

https://hal.inria.fr/tel-01653831
Contributor : Abes Star <>
Submitted on : Friday, April 20, 2018 - 3:10:07 PM
Last modification on : Thursday, September 26, 2019 - 1:21:13 AM

File

2017ISAR0021_Giannakou_Anna.pd...
Version validated by the jury (STAR)

Identifiers

  • HAL Id : tel-01653831, version 2

Citation

Anna Giannakou. Self-adaptable Security Monitoring for IaaS Cloud Environments. Cryptography and Security [cs.CR]. INSA de Rennes, 2017. English. ⟨NNT : 2017ISAR0021⟩. ⟨tel-01653831v2⟩

Share

Metrics

Record views

327

Files downloads

657