Some approaches to developing security models for cloud based systems

Abstract

The work embodied in this thesis is a study on the security vulnerabilities of cloud-based newlinesystems and to propose approaches to deal with such intrusive behaviour of malicious users. newlineThe ultimate aim is to develop models for detection and prevention of unauthorized access and newlinemisuse of cloud resources, thereby enhance the trustworthiness of cloud-based systems. newlineFirst, a cloud environment has been simulated and several measurements have been made to newlinestudy the system performance while monitoring packet transmissions involving malicious and newlinenormal ports. The dataset containing system calls generated by the University of New Mexico newline(UNM) system has been used for our experiments and some system calls have been newlinesuccessfully identified as malicious. Second, network packet features have been studied to newlinedetermine those features responsible for network attacks. For the purpose, ranks of different newlinefeatures in the NSL KDDCUP 99 intrusion dataset have been determined using entropy based newlinefeature ranking classifiers. Few features have been recognized that are key to classifying newlinevarious attack types. By eliminating those features it is observed that the accuracy of attack newlineclassification is enhanced to a large extent when compared to the level of accuracy obtained by newlineconsidering all the features. Various classification techniques namely, Random Trees Forest newline(RF), K-Nearest Neighbors (KNN), Decision Tree (J48), C4 (J48), Projective Adaptive Resonance Theory (PART), C4.5 decision tree, Multilayer Perceptron (MLP), Sequential newlineMinimal Optimization (SMO), Naïve Bayes (NB), KStar (KS) etc. have been applied to detect newlineand classify various attack classes of NSL KDDCUP 99 intrusion dataset. newlineFor our experiments we have created virtual machines and simulated packets in a cloud newlineenvironment; to detect and monitor intrusions by checking system performances (like CPU newlineload, Disk load, Network performance), we used PRTG network monitoring tool and analysed newlinepackets transmitted between nodes.