With the increasing popularity of cloud networks, serious issues around security for ubiquitous hosts will need to be addressed. In this paper we focus on a virtual intrusion detection system (V-IDS). We present a new architecture that takes the basic principles of cloud computing, virtualization, and the Generalized Multiprotocol Label Switching (GMPLS) control plane and applies them to intrusion detection systems, in order to protect cloud networks characterized by a constantly changing underlying infrastructure and physical topology. Our research is not focused on new algorithms or products capable of solving the security problem in cloud networks: our goal is to define a process and a novel architecture that minimizes the security risk in distributed networks, implementing the principle that network security and reliability are not a “product” but a well-defined “process.” On the basis of the defined architecture we have implemented a prototype cloud-based IDS that validates our thesis. The prototype is realized through the integration of two open source technologies: OpenNebula and Dynamic Resource Allocation via GMPLS Optical Networks (DRAGON). © 2012 Alcatel-Lucent.