Cloud intrusion detection based on change tracking and a new benchmark dataset

dc.contributor.author: Aldribi, Abdulaziz
dc.contributor.supervisor: Traore, Issa
dc.date.accessioned: 2018-08-30T22:37:04Z
dc.date.copyright: 2018 (en_US)
dc.date.issued: 2018-08-30
dc.degree.department: Department of Electrical and Computer Engineering (en_US)
dc.degree.level: Doctor of Philosophy Ph.D. (en_US)
dc.description.abstract: The adoption of cloud computing has increased dramatically in recent years due to attractive features such as flexibility, cost reductions, scalability, and pay per use. Shifting towards cloud computing is attracting not only industry but also government and academia. However, given their stringent privacy and security policies, this shift is still hindered by many security concerns related to the cloud computing features, namely shared resources, virtualization and multi-tenancy. These security concerns vary from privacy threats and lack of transparency to intrusions from within and outside the cloud infrastructure. Therefore, to overcome these concerns and establish a strong trust in cloud computing, there is a need to develop adequate security mechanisms for effectively handling the threats faced in the cloud. Intrusion Detection Systems (IDSs) represent an important part of such mechanisms. Developing cloud based IDS that can capture suspicious activity or threats, and prevent attacks and data leakage from both inside and outside the cloud environment is paramount. However, cloud computing is faced with a multidimensional and rapidly evolving threat landscape, which makes cloud based IDS more challenging. Moreover, one of the most significant hurdles for developing such cloud IDS is the lack of publicly available datasets collected from a real cloud computing environment. In this dissertation, we introduce the first public dataset of its kind, named ISOT Cloud Intrusion Dataset (ISOT-CID), for cloud intrusion detection. The dataset consists of several terabytes of data, involving normal activities and a wide variety of attack vectors, collected over multiple phases and periods of time in a real cloud environment. We also introduce a new hypervisor-based cloud intrusion detection system (HIDS) that uses online multivariate statistical change analysis to detect anomalous network behaviors.
As a departure from the conventional monolithic network IDS feature model, we leverage the fact that a hypervisor consists of a collection of instances, to introduce an instance-oriented feature model that exploits individual as well as correlated behaviors of instances to improve the detection capability. The proposed approach is evaluated using ISOT-CID and the experiments along with results are presented. (en_US)
dc.description.embargo: 2020-08-14
dc.description.scholarlevel: Graduate (en_US)
dc.identifier.bibliographicCitation: Aldribi A., Traore I., Moa B. (2018) Data Sources and Datasets for Cloud Intrusion Detection Modeling and Evaluation. In: Mishra B., Das H., Dehuri S., Jagadev A. (eds) Cloud Computing for Optimization: Foundations, Applications, and Challenges. Studies in Big Data, vol 39. Springer, Cham (en_US)
dc.identifier.bibliographicCitation: Aldribi A., Traore I. (2015) A Game Theoretic Framework for Cloud Security Transparency. In: Qiu M., Xu S., Yung M., Zhang H. (eds) Network and System Security. NSS 2015. Lecture Notes in Computer Science, vol 9408. Springer, Cham (en_US)
dc.identifier.bibliographicCitation: A. Aldribi, I. Traore and G. Letourneau, "Cloud Slicing a new architecture for cloud security monitoring," 2015 IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM), Victoria, BC, 2015, pp. 18-22. doi: 10.1109/PACRIM.2015.7334802 (en_US)
dc.identifier.uri: http://hdl.handle.net/1828/9994
dc.language: English (eng)
dc.language.iso: en (en_US)
dc.rights: Available to the World Wide Web (en_US)
dc.subject: Cloud Computing (en_US)
dc.subject: Intrusion Detection (en_US)
dc.subject: Cloud computing Dataset (en_US)
dc.subject: Change Point (en_US)
dc.title: Cloud intrusion detection based on change tracking and a new benchmark dataset (en_US)
dc.type: Thesis (en_US)

Files

Original bundle
Name: Aldribi_Abdulaziz_PhD_2018_Corrected.pdf
Size: 3.45 MB
Format: Adobe Portable Document Format