A preview of the PDF is not available
Providing Response to Security Incidents in the Cloud Computing with Autonomic Systems and Big Data
Abstract and Figures
This article provides a real-time intrusion response system in order to reduce the consequences of the attacks in the Cloud Computing. Our work proposes an autonomic intrusion response technique that uses a utility function to determine the best response to the attack providing self-healing properties to the environment. To achieve this goal, we propose the Intrusion Response Autonomic System (IRAS), which is an autonomic intrusion response system, using Big Data techniques for data analysis. I. INTRODUCTION As a complement to the work presented in , the object of this article is to present the results and details of its implementation. Because of their distributed nature, cloud computing environments are a great target for intruders interested in exploring possible vulnerabilities in their services and consequently using the abundant resources maliciously. The growing number of attacks and vulnerability exploitation techniques requires preventative measures by system administrators. In this context, the need for a highly effective and rapid reactive security system gains importance. These measures are getting more complex with the growth of data heterogeneity and the increasing complexity of the attacks. In addition, slow reaction time from human agents and the huge amount of data and information generated, makes the decision making process an arduous task. In response to this, there is an increase in the usage of Intrusion Detection Systems (IDS) , as a way to identify attack patterns, malicious actions and unauthorized access to an environment . The need for IDS is growing due to limitations in Intrusion Preventing Systems (IPS)-which focus on alerting administrators when a vulnerability is detected, connectivity and threat evolution, as well as the financial appeal of cybercrime . Despite their growing importance, currently available IDS solutions have limited response mechanisms. While the research focus is on better intrusion detection techniques, response and effective threat reaction are still mostly manual and rely on human agents to take effect . Recently, some intrusion detection tools have begun providing limited sets of automated responses, but with the growing complexity of intrusions, the need for more effective response system strategies has increased. Due to implementation limitations , research on intrusion detection techniques advance faster than intrusion response systems .
Figures - uploaded by Carlos Becker Westphall
All figure content in this area was uploaded by Carlos Becker Westphall
Content may be subject to copyright.