An intrusion detection and prevention system in cloud computing: A systematic review

Ahmed Patel, Mona Taghavi, Kaveh Bakhtiyari, Joaquim Celestino Júnior

    Research output: Contribution to journal › Article

    207 Citations (Scopus)

    Abstract

    The distributed and open structure of cloud computing and services becomes an attractive target for potential cyber-attacks by intruders. The traditional Intrusion Detection and Prevention Systems (IDPS) are largely inefficient to be deployed in cloud computing environments due to their openness and specific essence. This paper surveys, explores and informs researchers about the latest developed IDPSs and alarm management techniques by providing a comprehensive taxonomy and investigating possible solutions to detect and prevent intrusions in cloud computing systems. Considering the desired characteristics of IDPS and cloud computing systems, a list of germane requirements is identified and four concepts of autonomic computing self-management, ontology, risk management, and fuzzy theory are leveraged to satisfy these requirements.

    Original language: English
    Pages (from-to): 25-41
    Number of pages: 17
    Journal: Journal of Network and Computer Applications
    Volume: 36
    Issue number: 1
    DOIs: 10.1016/j.jnca.2012.08.007
    Publication status: Published - Jan 2013

    Fingerprint

    Intrusion detection
    Cloud computing
    Taxonomies
    Risk management
    Ontology
    Computer systems

    Keywords

    • Alarm correlation
    • Cloud computing
    • Intrusion detection and prevention
    • System requirements
    • Taxonomy

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Computer Science Applications
    • Hardware and Architecture

    Cite this

    An intrusion detection and prevention system in cloud computing: A systematic review. / Patel, Ahmed; Taghavi, Mona; Bakhtiyari, Kaveh; Celestino Júnior, Joaquim.

    In: Journal of Network and Computer Applications, Vol. 36, No. 1, 01.2013, p. 25-41.

    Patel, Ahmed; Taghavi, Mona; Bakhtiyari, Kaveh; Celestino Júnior, Joaquim. / An intrusion detection and prevention system in cloud computing: A systematic review. In: Journal of Network and Computer Applications. 2013; Vol. 36, No. 1. pp. 25-41.
    @article{4f61c7a1bcaa4ae7a3f16e844cd379fa,
    title = "An intrusion detection and prevention system in cloud computing: A systematic review",
    abstract = "The distributed and open structure of cloud computing and services becomes an attractive target for potential cyber-attacks by intruders. The traditional Intrusion Detection and Prevention Systems (IDPS) are largely inefficient to be deployed in cloud computing environments due to their openness and specific essence. This paper surveys, explores and informs researchers about the latest developed IDPSs and alarm management techniques by providing a comprehensive taxonomy and investigating possible solutions to detect and prevent intrusions in cloud computing systems. Considering the desired characteristics of IDPS and cloud computing systems, a list of germane requirements is identified and four concepts of autonomic computing self-management, ontology, risk management, and fuzzy theory are leveraged to satisfy these requirements.",
    keywords = "Alarm correlation, Cloud computing, Intrusion detection and prevention, System requirements, Taxonomy",
    author = "Ahmed Patel and Mona Taghavi and Kaveh Bakhtiyari and {Celestino J{\'u}nior}, Joaquim",
    year = "2013",
    month = "1",
    doi = "10.1016/j.jnca.2012.08.007",
    language = "English",
    volume = "36",
    pages = "25--41",
    journal = "Journal of Network and Computer Applications",
    issn = "1084-8045",
    publisher = "Academic Press Inc.",
    number = "1",

    }

    TY - JOUR

    T1 - An intrusion detection and prevention system in cloud computing

    T2 - A systematic review

    AU - Patel, Ahmed

    AU - Taghavi, Mona

    AU - Bakhtiyari, Kaveh

    AU - Celestino Júnior, Joaquim

    PY - 2013/1

    Y1 - 2013/1

    AB - The distributed and open structure of cloud computing and services becomes an attractive target for potential cyber-attacks by intruders. The traditional Intrusion Detection and Prevention Systems (IDPS) are largely inefficient to be deployed in cloud computing environments due to their openness and specific essence. This paper surveys, explores and informs researchers about the latest developed IDPSs and alarm management techniques by providing a comprehensive taxonomy and investigating possible solutions to detect and prevent intrusions in cloud computing systems. Considering the desired characteristics of IDPS and cloud computing systems, a list of germane requirements is identified and four concepts of autonomic computing self-management, ontology, risk management, and fuzzy theory are leveraged to satisfy these requirements.

    KW - Alarm correlation

    KW - Cloud computing

    KW - Intrusion detection and prevention

    KW - System requirements

    KW - Taxonomy

    UR - http://www.scopus.com/inward/record.url?scp=84870667876&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84870667876&partnerID=8YFLogxK

    U2 - 10.1016/j.jnca.2012.08.007

    DO - 10.1016/j.jnca.2012.08.007

    M3 - Article

    AN - SCOPUS:84870667876

    VL - 36

    SP - 25

    EP - 41

    JO - Journal of Network and Computer Applications

    JF - Journal of Network and Computer Applications

    SN - 1084-8045

    IS - 1

    ER -