Conference: IEEE Conference on Communications and Network Security

A quantitative risk assessment framework for adaptive Intrusion Detection in the cloud


Abstract

Cloud computing has significantly transformed the way businesses and governments approach information technology. Although the shift to cloud computing has brought many benefits in terms of cost and efficiency, new security challenges have emerged. A recent study has identified a number of critical security issues for cloud, including advanced persistent threats, malicious insiders, and data breaches. In general, cyber threats have become more sophisticated and malicious actors have devised a variety of different tools to circumvent traditional defenses. Intrusion Detection Systems have been traditionally employed to mitigate these threats by attempting to identify the onset of malicious activities. However, Intrusion Detection Systems are often monolithic solutions that offer very little flexibility in dynamic environments where resources can be elastically provisioned and deprovisioned and defensive priorities and threats can change over time and across different subsystems. To address these limitations and develop a principled approach to elastically deploy intrusion detection capabilities, we propose a quantitative risk assessment framework to enable defenders to deploy fine-grained intrusion detection mechanisms across network domains so as to minimize overall risk to the network infrastructure while prioritizing defensive objectives. Simulation results confirm that our approach can efficiently and effectively reduce risk by selectively deploying intrusion detection mechanisms that address current priorities. With its lightweight architectural design, this framework serves as the foundation for an adaptive approach to intrusion detection in the cloud.