Scalable network intrusion detection and countermeasure selection in virtual network systems

Jin B. Hong, Chun Jen Chung, Dijiang Huang, Dong Seong Kim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

Security of virtual network systems, such as Cloud computing systems, is important to users and administrators. One of the major issues with Cloud security is detecting intrusions to provide time-efficient and cost-effective countermeasures. Cyber-attacks involve series of exploiting vulnerabilities in virtual machines, which could potentially cause a loss of credentials and disrupt services (e.g., privilege escalation attacks). Intrusion detection and countermeasure selection mechanisms are proposed to address the aforementioned issues, but existing solutions with traditional security models (e.g., Attack Graphs (AG)) do not scale well with a large number of hosts in the Cloud systems. Consequently, the model cannot provide a security solution in practical time. To address this problem, we incorporate a scalable security model named Hierarchical Attack Representation Model (HARM) in place of the AG to improve the scalability. By doing so, we can provide a security solution within a reasonable timeframe to mitigate cyber attacks. Further, we show the equivalent security analysis using the HARM and the AG, as well as to demonstrate how to transform the existing AG to the HARM.

Original languageEnglish (US)
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer Verlag
Pages582-592
Number of pages11
Volume9532
ISBN (Print)9783319271606
DOIs
StatePublished - 2015
Event15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015 - Zhangjiajie, China
Duration: Nov 18 2015Nov 20 2015

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9532
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other15th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2015
CountryChina
CityZhangjiajie
Period11/18/1511/20/15

Keywords

  • Attack graphs
  • Countermeasure selection
  • Intrusion detection
  • Network security
  • Scalability

ASJC Scopus subject areas

  • Computer Science(all)
  • Theoretical Computer Science

Fingerprint Dive into the research topics of 'Scalable network intrusion detection and countermeasure selection in virtual network systems'. Together they form a unique fingerprint.

  • Cite this

    Hong, J. B., Chung, C. J., Huang, D., & Kim, D. S. (2015). Scalable network intrusion detection and countermeasure selection in virtual network systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9532, pp. 582-592). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9532). Springer Verlag. https://doi.org/10.1007/978-3-319-27161-3_53