A Novel Network Intrusion Detection System in Cloud Computing

• Main Authors: Zhi-KaiMo, 莫智凱
• Other Authors: Chu-Sing Yang
• Format: Others
• Language: en_US
• Published: 2014
• Online Access: http://ndltd.ncl.edu.tw/handle/26559184372385163182

碩士 === 國立成功大學 === 電腦與通信工程研究所 === 102 === With the growth of cloud computing and the maturity of virtualization technology, many enterprises keep on virtualizing their servers for increasing the utilization of servers and lowering their costs. However, complex network topology resulted from virtualized infrastructures may make cloud more vulnerable. And some security events occurred on cloud computing platform in recent years. Therefore, a proper mechanism is needed for detection and prevention of malicious traffic. We propose a network intrusion detection system based on virtualization platform. This intrusion detection system is improved from a multi-pattern based network traffic classifier, collecting packets from the virtual network environment and analyzes content of packets to identify malicious network traffic and intrusion attempts with deep packet inspection technique. We improve the intrusion detection features of the network traffic classifier and deploy it in the XEN virtualization platform. Our system combines with Linux Netfilter framework to monitor inter-virtual-machine communications in the virtualization platform. It also inspects packet efficiently and prevents the cloud computing environment from malicious traffic instantly.