TABLE OF CONTENTS CHAPTER TITLE PAGE NO NO.

Transcription

1 vi TABLE OF CONTENTS CHAPTER TITLE PAGE NO NO. ABSTRACT iii LIST OF TABLES xiii LIST OF FIGURES xiv LIST OF SYMBOLS AND ABBREVIATIONS xix 1 INTRODUCTION CLOUD COMPUTING Introduction to Cloud Computing Cloud Characteristics Cloud Service Models Cloud Deployment Models Virtualization and Hypervisor Cloud Architecture Advantages of Cloud Computing in the Current Scenario PROBLEMS IN CLOUD COMPUTING CLOUD SECURITY A CURRENT SCENARIO Security Scenarios Regulations Security Controls Service Automation MOTIVATION FOR THIS RESEARCH WORK 15

2 vii 1.4 SUMMARY 16 2 LITERATURE SURVEY IMPORTANCE OF SECURITY IN CLOUD COMPUTING SATE-OF-THE-ART CLOUD COMPUTING SECURITY TAXONOMIES Taxonomy#1: Logical Storage Segregation & Multi-tenancy Security Issues Taxonomy#2: Identity Management Issues Taxonomy#3: Insider Attacks Taxonomy#4: Virtualization Issues Taxonomy#5: Cryptography and Key Management Taxonomy#6: Governance and Regulatory Compliance Gaps Taxonomy#7: Insecure APIs Taxonomy#8: Cloud & CSP Migration Issues Taxonomy#9: SLA & Trust Management Gaps Conclusion: State-of-the-art Cloud Computing Security Taxonomies CLOUD ARCHITECTURE DESIGN SECURITY PERSPECTIVES 35

3 viii Data Center or Physical Security Server Security Network Security Application and Platform Security Encryption and Key Management Infrastructure Security IDENTITY MANAGEMENT IN PRESENT INDUSTRY PERSPECTIVE ESSENTIALS OF INTRUSION DETECTION SYSTEMS IN DATA AND SYSTEM SECURITY CLOUD SECURITY AT PRESENT Investigations at NASA Investigations at Intel Investigations at CSA Investigations at HP Investigations at TCS Investigations at Accenture SUMMARY 61 3 PROBLEM FORMULATION MAIN OBJECTIVE SPECIFIC OBJECTIVES ecloudids Objective 1: Logical storage segregation and multi-tenancy security issues 64

4 ix ecloudids Objective 2: Identity management issues ecloudids Objective 3: Insider attacks ecloudids Objective 4: Virtualization issues ecloudids Objective 5: Cloud VM auditor management issues ecloudids Objective 6: Hacker attacks ecloudids Objective 7: Signature based attacks caused by Worms, Viruses, Trojans, etc SUMMARY 67 4 METHODOLOGY INTRUSION DETECTION SYSTEM Types of IDS Role of IDS in Infrastructure Security Attacks Commonly Detected by IDSs Limitations of Intrusion Detection System MACHINE LEARNING Types of Machine Learning Algorithms Supervised Machine Learning Algorithms Unsupervised Machine Learning Algorithms IDENTITY MANAGEMENT Digital Identity Lifecycle Access-Control Lists 94

5 x Components of Identity Management Identity Management Objectives Role of Identity Management in Cloud Environment SUMMARY ecloudids GENERIC CLOUD SECURITY FRAMEWORK INTRODUCTION NEED FOR THIS INVESTIGATION ESSENTIALS OF THIS SYSTEM ARCHITECTURE ecloudids SYSTEM ARCHITECTURE ecloudids C3 Subsystem CIM Subsystem H-log-H Subsystem Audit Log Preprocessor (ALP) Subsystem ecloudids ux-engine Tier ecloudids sx-engine Tier Warning Level Generator (WLG) Subsystem Alert System SUMMARY 117

6 xi 6 EXPERIMENTATIONS AND RESULTS INTRODUCTION EXPERIMENTAL SETUP PHASE-I EXPERIMENTATION Syslog Preprocessing Daemon Log Preprocessing Xbel Log Preprocessing Auth Log Preprocessing ALP s myfinal.log Preprocessing Numerical Conversion Phase-I Selection Criteria for ux-engine s Unsupervised Machine Learning Algorithm ux-engine Experimentation with SOM PHASE-II EXPERIMENTATION Selection Criteria for SVM Auth Log Preprocessing Daemon Log Preprocessing Database Log Preprocessing Numerical Conversion Phase-II sx-engine Training Phase using SVM in Phase-II of ecloudids sx-engine Testing Phase using SVM in Phase-II of ecloudids Analyzing SVM for Performance and Operational Efficiency of sx-engine 167

7 xii 6.5 RESULTS AND DISCUSSION Phase-I ux-engine Results Phase-II sx-engine Results SUMMARY CONCLUSION AND FUTURE DIRECTIONS CONCLUSION FUTURE DIRECTIONS 191 APPENDIX 1 CLOUD COMPUTING PHYSIOGNOMIES 193 REFERENCES 226 LIST OF PUBLICATIONS 242