Network Security in Virtual Scenario


Aditya Kumar (1), Umesh Gupta (2)
(1) M. Tech Student, Department of ECE, MERI College of Engineering & Technology, Jhajjar, Haryana, India
(2) Assistant Professor, Department of ECE, MERI College of Engineering & Technology, Jhajjar, Haryana, India

ABSTRACT

Virtualization is one of the most effective ways to reduce IT expenses while improving efficiency and agility, for small and midsize businesses as well as for large enterprises. In this paper we discuss the implementation of a cost-effective security architecture for a virtual environment that needs very little hardware. The virtualization scenario was built on a single PC running Windows 7 SP1 64-bit as the base (host) machine, with VMware Workstation 10 as the hypervisor and a Linux 2.6 kernel guest running Endian Firewall. Windows 7 and Windows Server 2008 guests were used inside the virtual network.

Keywords: Virtualization, Hypervisor, VMware, Network Security, Firewall

INTRODUCTION

Today almost all businesses rely on an information technology infrastructure to improve productivity and resource management. A business that lacks the proper technology to implement such systems pays for it in higher cost and in technical difficulties. With virtualization the cost of computer hardware is reduced, because several applications can run on a single machine without the need for multiple physical machines and constant hardware upgrades: several individual virtual machines can be created and configured as required. Many enterprises now use virtualization to speed up their workloads and to scale. Virtual networks also bring security threats of their own, and the virtual machines must be monitored carefully for intruders. In this work we studied virtualization concepts, the implementation process and the security issues of virtual environments.
We then describe the implementation of the cost-effective security architecture with reduced hardware. The virtualization scenario was created on a single PC running Windows 7 SP1 64-bit as the base machine, VMware Workstation 10 as the hypervisor and a Linux 2.6 kernel guest for Endian Firewall; Windows 7 and Windows Server 2008 guests were used inside the virtual network.

LITERATURE REVIEW

Marcos Laureano, Carlos Maziero and Edgard Jamhour, 2004 [1] present a proposal to increase the trustworthiness of computing systems using virtual machine technology. It applies intrusion detection mechanisms to detect and block attacks against services running on virtual machines. The main benefit of this approach is that the virtual machine is monitored from the outside (from the real underlying system), which keeps the intrusion detection system out of reach of intruders. The central idea is to encapsulate the system to be monitored inside a virtual machine; the intrusion detection and response mechanisms are implemented outside that machine, where a compromise of the guest cannot reach them.

Aaron Lanoy and Gordon W. Romney, 2006 [2] define the purpose of a honeypot, the basic component of a honeynet, as an information system resource whose value lies in its unauthorized or illicit use. The objective of a honeynet is to attract malicious attackers, study their offensive strategy and track every movement they make. The honeynet becomes a useful tool when the data gathered from it is analysed to build new security into the system. A VMware environment was used to create a virtual honeynet (Virtual) and compare its effectiveness with a network of physical computers (Real).

Stasiewicz, 2008 [3] argues that virtualization is no longer a new phenomenon but a mature technology. It is accepted and integrated by many enterprises and has been used for network infrastructure for many years. Virtualization improves the security (availability) of network services by reducing the risk of host failure while reducing server resource consumption. Enterprises with a long-term commitment to virtualization can save money through lower energy costs and fewer hardware upgrades.

J.W. Rittinghouse and J.F. Ransome, 2010 [4] present a persuasive case for businesses to use cloud computing, but a less persuasive case that the time to switch is now. While acknowledging the vagueness and confusion surrounding the term, the authors tentatively define cloud computing as "the delivery of computational resources from a location other than the one from which you are computing". After laying out the basic framework of networking, they explain virtualization, the technique underlying cloud computing that lets one piece of hardware run multiple virtual environments. Many types of cloud computing services are available because of the massive presence of the Internet.

Josenilson Dias Araújo and Zair Abdelouahab, 2012 [5] survey the main existing work on intrusion detection for cloud computing environments based on virtual machines. To protect cloud users effectively, an IDS should be able to rapidly increase or decrease its number of sensors according to the quantity of resources, and to isolate access to the system levels and infrastructure. Characteristics of virtual machines such as quick start-up, fast recovery, stop, migration between hosts and execution across multiple platforms can be exploited in a VM-based IDS, which makes it a good alternative for monitoring intrusions in cloud computing environments.

E. Chovancová, L. Vokorokos and M. Chovanec, 2015 [6] describe the use of services over the Internet by small and medium businesses based on cloud computing. The first part of their study covers cloud computing principles and evaluates its advantages and disadvantages; the second part designs their own cloud computing system for small and medium companies. In the implementation they used the VMware cloud platform to verify its functionality experimentally.

Ku. Rupali D. Wankhade, 2016 [7] states that providing security in a distributed system requires user authentication by password or digital certificates in data transmission. Because the cloud must handle a large volume of network traffic and administrative control of data and applications, security has become a major issue for cloud environments, and intrusion detection systems have become a necessary component of network security. The proposed architecture implements the Suricata intrusion detection system to secure a virtualized server on a cloud platform, and validates the IDS by detecting a DDoS attack against the virtualized environment.

PROPOSED VIRTUALIZATION ENVIRONMENT

Figure 1 shows the proposed security architecture for the virtual network. The firewall is installed as a virtual machine inside VMware Workstation. The Internet connection is attached to the base machine, and the virtual machines reach the Internet only through the firewall. We use the open-source Endian Firewall in our experiment. A single PC (a laptop) is used for the complete setup, which makes it cost-effective and a good teaching and learning platform; open-source operating systems are used where possible for the same reason, and some proprietary software and operating systems are included to demonstrate compatibility.

Endian normally manages up to four different networks, depending on the number of network cards installed in the virtual machine. The networks are configured through the web interface, either from the base machine or from a machine inside the virtual network.

Figure 1: Proposed Security Architecture

Endian Firewall [8] is an open-source router, firewall and gateway security Linux distribution developed by the South Tyrolean company Endian. Endian distinguishes its networks by colour:

Red network: the connection to the insecure Internet.
Green network: the secure intranet, e.g. file servers.
Orange network: the partly trusted demilitarized zone (DMZ). This holds devices that run their own server and must be reachable from the Internet, such as web or FTP servers.
Blue network: the secure wireless segment, where wireless devices are connected. They are kept separate from the green network, which increases its security.

RESEARCH ENVIRONMENT SETUP

The experimental environment is organized into two layers: the physical layer and the virtual layer. The physical layer consists of the physical hardware, the host OS and the virtualization software. The virtual layer consists of the virtual hardware, the guest operating systems and third-party applications.

Table 1: Experimental Environment Layers

VMware Workstation hosts four virtual machines: Windows 7 Professional SP1 64-bit, a Linux 2.6 kernel 64-bit OS for Endian Firewall, Ubuntu and Windows Server 2008. For the implementation each guest operating system is configured with the same amount of virtual system resources.
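The zone model above, together with the three experiments reported in the Results section (ping from outside blocked, HTTP blocked for the green network, Internet disabled for one internal guest), amounts to an ordered, first-match policy between zones. The following Python model is an added example for this page; it is not code from the paper or from Endian Firewall (which implements its policy with Linux netfilter/iptables). The subnets, the firewall addresses, the admin port, the blocked guest and the rule order are assumptions chosen to mirror the paper's setup.

```python
"""
Zone-based firewall policy model in the style of Endian's RED/GREEN zones.

Added example, not code from the paper or from Endian Firewall. It models the
policy the paper exercises: inbound ICMP from RED is dropped while the
management console on RED stays reachable, HTTP from GREEN is blocked, and one
GREEN host loses all Internet access. Addresses, ports and rule order are
assumptions.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional, Tuple

ANY = "*"

# Assumed addressing: eth0 is the bridged (RED) adapter, eth1 sits on VMnet2 (GREEN).
GREEN_NET = ip_network("10.10.2.0/24")
FW_ADDRS = {ip_address("192.168.1.50"), ip_address("10.10.2.1")}
MGMT_PORT = 10443            # assumed HTTPS admin port of the firewall
BLOCKED_HOST = "10.10.2.20"  # the GREEN guest that must lose Internet access


def zone_of(addr: str) -> str:
    """Map an address to its zone. Anything that is neither the firewall itself
    nor inside GREEN is treated as RED, i.e. untrusted."""
    ip = ip_address(addr)
    if ip in FW_ADDRS:
        return "FW"
    if ip in GREEN_NET:
        return "GREEN"
    return "RED"


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                # "tcp", "udp" or "icmp"
    dport: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    src_zone: str             # zone name or ANY
    dst_zone: str             # zone name or ANY
    proto: str                # protocol or ANY
    dport: object             # port number or ANY
    action: str               # "ACCEPT" or "DROP"
    note: str
    src_host: Optional[str] = None   # pin the rule to one source address

    def matches(self, pkt: Packet) -> bool:
        if self.src_host is not None and pkt.src != self.src_host:
            return False
        if self.src_zone != ANY and zone_of(pkt.src) != self.src_zone:
            return False
        if self.dst_zone != ANY and zone_of(pkt.dst) != self.dst_zone:
            return False
        if self.proto != ANY and pkt.proto != self.proto:
            return False
        if self.dport != ANY and pkt.dport != self.dport:
            return False
        return True


# First match wins; the last rule is the explicit default deny.
POLICY = [
    Rule("RED", "FW", "tcp", MGMT_PORT, "ACCEPT", "management console reachable on RED"),
    Rule("RED", ANY, "icmp", ANY, "DROP", "no ping through RED"),
    Rule("RED", ANY, ANY, ANY, "DROP", "RED is untrusted: nothing else inbound"),
    Rule("GREEN", "RED", ANY, ANY, "DROP", "Internet disabled for one guest", src_host=BLOCKED_HOST),
    Rule("GREEN", "RED", "tcp", 80, "DROP", "HTTP blocked for GREEN"),
    Rule("GREEN", ANY, ANY, ANY, "ACCEPT", "GREEN may reach the firewall and the Internet"),
    Rule(ANY, ANY, ANY, ANY, "DROP", "default deny"),
]


def explain(pkt: Packet) -> Tuple[str, str]:
    """Return (action, note) of the first rule that matches the packet."""
    for rule in POLICY:
        if rule.matches(pkt):
            return rule.action, rule.note
    raise AssertionError("unreachable: POLICY ends with a catch-all rule")


def decide(pkt: Packet) -> str:
    return explain(pkt)[0]


if __name__ == "__main__":
    # Constructed traffic reproducing the paper's three experiments plus the
    # management-console check on the RED side.
    samples = [
        Packet("192.168.1.10", "192.168.1.50", "icmp"),
        Packet("192.168.1.10", "192.168.1.50", "tcp", MGMT_PORT),
        Packet("10.10.2.10", "93.184.216.34", "tcp", 80),
        Packet("10.10.2.10", "93.184.216.34", "tcp", 443),
        Packet(BLOCKED_HOST, "93.184.216.34", "tcp", 443),
    ]
    for p in samples:
        action, note = explain(p)
        port = "" if p.dport is None else str(p.dport)
        print(f"{p.src:>14} -> {p.dst:<14} {p.proto:<4} {port:<5} {action:<6} ({note})")
```

Two points of the ordering matter in practice and carry over directly to an iptables-based firewall such as Endian. The exception for the management console has to precede the RED catch-all drop, and the per-host block has to precede the general GREEN allow; reversing either pair silently changes the outcome without producing any error. Also note that allowing the admin port from RED, as the paper observes, exposes the administrative interface to the untrusted side; in a production deployment that first rule would be removed or restricted to specific administrative addresses.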

Figure 2: Network adapter connectivity for the Linux machine in VMware

SECURITY IMPLEMENTATION

Figure 2 shows the two network adapters of the Linux (Endian) machine in VMware. The first is the Red interface, which is bridged directly to the physical network; the second is the Green interface, which connects to the internal virtual network through the VMnet2 virtual switch. By default Endian Firewall does not answer ping on the Red interface: when we pinged the Red interface we observed 100% packet loss, while the management console remained reachable through the same interface. This shows that the firewall is connected and that its default policy is in effect, with ICMP echo requests dropped while the management service is still served. Reachability of the management console from the Red side also means the administrative interface is exposed to the untrusted network; in a production deployment it should be restricted to the Green network or to specific administrative addresses.

RESULTS

With three experiments (ping from the outside network is blocked, HTTP is blocked for the green network, and Internet access is disabled for one particular machine inside the virtual network through the firewall), we show that the setup supports not only simple experiments but also more complex ones that are difficult to carry out in a real environment. A proxy server, VPN, IPS, logging and monitoring can all be implemented in the same way as the scenario requires. Compared with a physical environment, the virtual environment has many advantages; Table 2 compares the two.

Table 2: Comparison of the experiment in the two kinds of environment

CONCLUSION AND FUTURE SCOPE

With the setup and experiments above we have built a cost-effective security system for virtual networks. The future scope is wide, because cloud computing provides dynamically scalable infrastructure and virtualized resources that allow applications to meet very large demand with cheap and reliable services and assured QoS despite unpredictable consumer behaviour.

REFERENCES

[1] M. Laureano, C. Maziero and E. Jamhour, "Intrusion detection in virtual machine environments," Proceedings of the 30th Euromicro Conference, 2004, pp. 520-525.
[2] V. K. Kamboj, S. K. Bath and J. S. Dhillon, "A novel hybrid DE-random search approach for unit commitment problem," Neural Computing and Applications (ISSN 1433-3058), vol. 28, no. 7, 2017, pp. 1559-1581, DOI 10.1007/s00521-015-2124-4.
[3] A. Lanoy and G. W. Romney, "A virtual honey net as a teaching resource," 7th International Conference on Information Technology Based Higher Education and Training, Ultimo, NSW, 2006, pp. 666-669.
[4] Stasiewicz, "Worth getting hyped up over Hyper-V," presented at the Annual NACCQ Conference, 2008.
[5] V. K. Kamboj, S. K. Bath and J. S. Dhillon, "Multiobjective multiarea unit commitment using hybrid differential evolution algorithm considering import/export and tie-line constraints," Neural Computing and Applications (ISSN 1433-3058), vol. 28, no. 11, 2017, pp. 3521-3536, DOI 10.1007/s00521-016-2240-9.
[6] J. W. Rittinghouse and J. F. Ransome, Cloud Computing: Implementation, Management, and Security, Florida: CRC Press, 2010, ISBN 978-1-4398-0680-7.
[7] J. D. Araújo and Z. Abdelouahab, "Virtualization in intrusion detection systems: a study on different approaches for cloud computing environments," IJCSNS International Journal of Computer Science and Network Security, vol. 12, no. 11, November 2012, pp. 9-16.
[8] N. S. Tung, A. Bhardwaj, A. Bhadoria, K. Kaur and S. Bhadauria, "Dynamic programming model based on cost minimization algorithms for thermal generating units," International Journal of Enhanced Research in Science Technology & Engineering, vol. 1, issue 3, ISSN 2319-7463, 2012.
[9] E. Chovancová, L. Vokorokos and M. Chovanec, "Cloud computing system for small and medium corporations," 2015 IEEE 13th International Symposium on Applied Machine Intelligence and Informatics (SAMI), Herl'any, 2015, pp. 171-174.
[10] Ku. Rupali D. Wankhade, "Virtualization intrusion detection system in cloud environment," International Journal of Scientific & Engineering Research, vol. 7, issue 2, February 2016, ISSN 2229-5518, pp. 321-328.
[11] P. Khandelwal, S. P. Ahirwar and A. Bhardwaj, "Image processing based quality analyzer and controller," International Journal of Enhanced Research in Science Technology & Engineering, vol. 2, issue 7, 2013.
[12] Endian Firewall, https://en.wikipedia.org/wiki/endian_firewall