Cloud Computing Security
- Publisher: Metropolia Ammattikorkeakoulu
This project aimed to show how possible it is to use a network intrusion detection system in the cloud. The security in the cloud is a concern nowadays and security professionals are still finding means to make cloud computing more secure.
First of all the installation of the ESX4.0, vCenter Server and vCenter lab manager in server hardware was successful in building the platform. This allowed the creation and deployment of many virtual servers. Those servers have operating systems and applications, which are permanently used and stored valuable information, which attracts malware and intruders. The intruders are permanently looking for vulnerabilities found in the applications and networked system to steal and destroy sensitive data.
In order to mitigate those threats, an open-source network intrusion detection system was installed: Snort. The snort sensor was then configured in order to monitor the network activity. It sends an alert when it founds malicious traffic with the same pattern as those stored in its signature database. The system was built to prevent malware or intruders invasion, which wants to use the security weaknesses found in the applications and the operating system. In the cloud, the vulnerabilities are associated with the service being followed. Snort was able to detect the malicious traffic and stored it in the log file.
This study can be implemented in any virtual data center to mitigate the possible risk. By using a network intrusion detection system, one can track down individual hacker after the investigation by watching the attacks that occur and the vulnerabilities that need to be addressed.