1. Introduction
Intrusion is a critical security problem for Cloud Computing. It is an important issue in all networks, especially in Cloud computing, where all services are delivered via the Internet. The term intrusion can be defined as the process of entering a network without proper authentication (Ragendran et al., 2015). The intrusion detection system (IDS) is the most commonly used mechanism to detect various attacks on the cloud (Kene et al., 2015). The ideal IDS is one that has 100% detection efficiency against the possible vulnerabilities. An IDS can be designed based on detection techniques, deployment location, and alert mechanism; intrusions can be detected by anomaly-based or signature-based detection techniques (Deshpande et al., 2018). An IDS is a security tool that captures and monitors network traffic and/or system logs and scans the system or network for suspicious activities. It then alerts the system or cloud administrator about the attacks. Different intrusion detection techniques used in a cloud environment include misuse detection, anomaly detection, virtual machine introspection (VMI), hypervisor introspection (HVI) and a combination of hybrid techniques (Mishra et al., 2017).
A hypervisor-based cloud intrusion detection system does not require additional software to be installed in virtual machines, has many advantages over host-based and network-based intrusion detection systems, and can complement these traditional approaches to intrusion detection. One automated security control recommended by the Cloud Security Alliance for cloud computing environments is an intrusion detection system. Network intrusion detection systems attempt to address attacks from outsiders and generally have limited effectiveness against insider attacks (Nikolai & Yong, 2014). As far as IDS is concerned, the classification of various attacks is crucial. Based on the classification, the IDS can generate alerts to the user or the administrator against unauthorized access or malicious activities (Deshpande et al., 2018). An IDS for a Cloud network basically considers two types of threats: insider (attackers within the Cloud network) and outsider (attackers outside the Cloud network) (Ghosh et al., 2015). As a traditional security approach, the intrusion detection system (IDS) is a dynamic discipline that has been associated with diverse techniques (Gai et al., 2016). The IDS has become the most commonly used component of computer system security and compliance practices that defends network-accessible Cloud resources and services from various kinds of threats and attacks (Chiba, 2016).