This chapter contains the state of the art of the latest security issues of cloud computing as well as security issues of internet of things (IoT) applications. It discusses the integration of IoT platforms with cloud computing services, security of the hosted data, intrusion and anomaly detection techniques used to detect attacks in virtualized networks. The chapter also discusses some of the lightweight anomaly detection techniques to use in integrated constrained devices' ecosystems with cloud computing environments. This chapter focuses on efficient integration of cloud hosting with IoT applications as well as integration of lightweight intrusion detection systems in the latter environments.
TopIntroduction
Nowadays, cloud computing is a well-known term in scientific and professional domains. It is the main interest of many specialists in information and communication technologies. Foster et al. (2008) define cloud computing as “A large-scale distributed computing paradigm that is driven by economies of scale, in which a pool of abstracted, virtualized, dynamically-scalable, managed computing power, storage, platforms, and services are delivered on demand to external customers over the Internet”. Cloud computing as defined by Mell and Grance of NIST (2011) is “…a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.”, as shown in Figure 1. Cloud computing services are increasingly popular during the last years. These days, everyone uses cloud computing services when consulting an email service, social networks, academic applications, professional software, etc. Indeed, Forbes state that the “Worldwide spending on public cloud services will grow at a 19.4% CAGR from $70B in 2015 to $141B in 2019.”. This grow shows the importance of this technology. Actually, cloud computing is very helpful to many fields like Healthcare, E-Commerce, Big data, Education and Research, etc.
Figure 1. The five essential characteristics, three service models, and four deployment models of the cloud model based on definition of cloud computing by NIST
Internet of things (IoT) is a new paradigm which interest a very large research community and IT professionals. IoT permits the users to gather data from sensors and many types of devices (mobile phone, phablets, sensors, computers, etc.) and send the data to servers or stations via internet. Figure 2 shows a simple architecture of IoT environments. Because the devices used in the IoT domain are in most cases constrained which means they have less RAM and processing capacity, cloud computing is one of the best options for IoT applications when talking about hosting and organization of data. One of the residing issues in these environments is data hacking and compromising. If the data collected from IoT devices is modified without permissions, this could be very dangerous to some applications especially in the healthcare field where we are dealing with patients' data. For this, an intrusion detection and prevention system could be very good candidate for minimizing the risks of compromising and network attacks.
Figure 2. A simple IoT architecture
Intrusion detection and prevention is an area that interested many researchers for years. Intrusion detection in a computer network is an important element to the overall security of information systems. Intrusion prevention is even more important for critical systems such as those of the bank. Big Data and Cloud Computing technologies have created several advantages for the research community. Their ability to handle large volumes of data, storing them and extracting useful information from them are just some of the features of the said technologies. Unfortunately, attackers are also using the latest advances of these technologies for non-legitimate purpose, which leads to the growth of the number of specialists and researchers in the field of computer security to make more effort in order to minimize the risk of having their systems attacked. At the end of minimizing intrusions, intrusion detection systems (IDS) are among the most used. However, they are not fully integrated into cloud computing environments. The IDS is a very important component of information systems. The arrival of cloud computing and IoT technologies created a new field of research for the community. Intrusion detection and anomaly detection in integrated cloud computing environments and IoT are among the very interesting new fields of research.
Among the objectives of this chapter are the following: