Integrating Signature Apriori based Network Intrusion Detection System (NIDS) in Cloud Computing

One of the major security issues in Cloud computing is to detect malicious activities at the network layer. In this paper, we propose a framework integrating network intrusion detection system (NIDS) in the Cloud. Our NIDS module consists of Snort and signature apriori algorithm. It generates new rules from captured packets. These new rules are appended in the Snort configuration file to improve efficiency of Snort. It aims to detect known attacks and derivative of known attacks in Cloud by monitoring network traffic, while ensuring low false positive rate with reasonable computational cost. We also recommend the positioning of NIDS in Cloud. We present experimental setup and discuss the design goals expected from proposed framework. (C) 2012 The Authors. Published by Elsevier Ltd. Selection and/or peer-review under responsibility of the Department of Computer Science & Engineering, National Institute of Technology Rourkela