Monitoring, Management, and Analysis of Security Aspects of IaaS Environments
DOI:
https://doi.org/10.26636/jtit.2023.4.1419Keywords:
cybersecurity, IaaS, monitoring, Wazuh, ZabbixAbstract
Many companies or institutions either already have placed their resources in or plan to move them to the cloud. They do so for security reasons and are weary of the fact that by relying on cloud-based resources, they do not have to bear such extensive infrastructure-related costs. However, continuous technology advancement results not only in benefits, but also in disadvantages. The latter include the growing risk associated with IT security, forcing the individual actors to implement monitoring measures and to respond to numerous threats.
This work focuses on creating a small infrastructure setup using the publicly available Google Cloud Platform which, thanks to the monitoring systems implemented thereon, allows to rapidly respond to hardware and software faults, including those caused by external factors, such as attacks on specific components. This project may also be customized to satisfy individual needs, depending on the cloud service provider selected. The work uses public cloud provider tools as well as open-source systems available for everyone, both in the cloud and in the on-prem environment. The paper deals also with the concept of a proprietary intrusion detection system.
Downloads
References
G. Rodrigues et al., "Monitoring of Cloud Computing Environments: Concepts, Solutions, Trends, and Future Directions", SAC ’16: Proceedings of the 31st Annual ACM Symposium on Applied Computing, pp. 378-383, 2016.
View in Google Scholar
M. Birje, P. Challagidad, R.H. Goudar, and M. Tapale, "Cloud Computing Review: Concepts, Technology, Challenges and Security", International Journal of Cloud Computing, vol. 6, no. 1, pp. 32-57, 2017.
View in Google Scholar
M.G. Azam, "Application of Cloud Computing in Library Management: Innovation, Opportunities and Challenges", International Journal of Multidisciplinary, vol. 4, no. 1, pp. 2-11, 2019.
View in Google Scholar
L. Qian, Z. Luo, Y. Du, and L. Guo, "Cloud Computing: An Overview", IEEE International Conference on Cloud Computing, pp. 626-631, 2009.
View in Google Scholar
L. Devadass, S.S. Sekaran, and R. Thinakaran, "Cloud Computing in Healthcare", International Journal of Students Research in Technology and Management, vol. 5, no. 1, pp. 25-31, 2017.
View in Google Scholar
D. Sullivan, "Overview of Google Cloud Platform", in: Official Google Cloud Certified Associate Cloud Engineer Study Guide, John Wiley & Sons, pp. 1-14, 2019.
View in Google Scholar
A. Vázquez, C. Dafonte, and Á. Gómez, "Open Source Monitoring System for IT Infrastructures Incorporating IoT-Based Sensors", Proceedings, vol. 54, no. 1, art. no. 56, 2020.
View in Google Scholar
M. Copeland, "Other Azure Security Services", in:Cloud Defense Strategies with Azure Sentinel. Apress, pp. 39-75, 2021.
View in Google Scholar
T. Svoboda, J. Horalek, and V. Sobeslav, "Behavioral Analysis of SIEM Solutions for Energy Technology Systems", Context-Aware Systems and Applications, and Nature of Computation and Communication, 9th EAI International Conference, ICCASA 2020, and 6th EAI International Conference, ICTCC 2020, pp. 265-276, 2021.
View in Google Scholar
A. Mycek, D. Grzonka, and J. Tchórzewski, "Agent-Based Simulation and Analysis of Infrastructure-as-Code Process to Build and Manage Cloud Environment", ECMS 2023: Proceedings of the 37th ECMS International Conference on Modelling and Simulation, pp. 513-520, 2023.
View in Google Scholar
D. Gupta, S. Bhatt, M. Gupta, O. Kayode, and A.S. Tosun, "Access Control Model for Google Cloud IoT", 2020 IEEE 6th Intl Conference on Big Data Security on Cloud, BigDataSecurity 2020, 2020 IEEE Intl Conference on High Performance and Smart Computing, HPSC 2020 and 2020 IEEE Intl Conference on Intelligent Data and Security, IDS 2020, Baltimore, USA, pp. 198-208, 2020.
View in Google Scholar
H. Zahid, S. Hina, M.F. Hayat, and G. A. Shah, "Agentless Approach for Security Information and Event Management in Industrial IoT", Electronics, vol. 12, no. 8, art. no. 1831, 2023.
View in Google Scholar
C.N. Modi, D.R. Patel, A. Patel, and R. Muttukrishnan, "Bayesian Classifier and Snort based Network Intrusion Detection System in Cloud Computing", Third International Conference on Computing, Communication and Networking Technologies, Coimbatore, India, pp. 1-7, 2012.
View in Google Scholar
C.N. Modi et al., "A Survey of Intrusion Detection Techniques in Cloud", Journal of Network and Computer Applications, vol. 36, no. 1, pp. 42-57, 2013.
View in Google Scholar
Y. Mehmood, A. Shibli, U. Habiba, and R. Masood, "Intrusion Detection System in Cloud Computing: Challenges and Opportunities", Conference Proceedings - 2013 2nd National Conference on Information Assurance, NCIA 2013, Rawalpindi, Pakistan, pp. 59-66, 2013.
View in Google Scholar
U. Oktay and O.K. Sahingoz, "Proxy Network Intrusion Detection System for Cloud Computing", 2013 The International Conference on Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), Konya, Turkey, pp. 98-104, 2013.
View in Google Scholar
W. Elmasry, A. Akbulut, and A.H. Zaim, "A Design of an Integrated Cloud-based Intrusion Detection System with Third Party Cloud Service", Open Computer Science, vol. 11, no. 1, pp. 365-379, 2021.
View in Google Scholar
A. Patel, M. Taghavi, K. Bakhtiyari, and J. Celestino Junior, "An Intrusion Detection and Prevention System in Cloud Computing: A Systematic Review", Journal of Network and Computer Applications, vol. 36, no. 1, pp. 25-41, 2013 (https://doi.org/10.1016/j.jnca.2012.08.007).
View in Google Scholar
A. Tasneem, A. Kumar, and S. Sharma, "Intrusion Detection Prevention System Using SNORT", International Journal of Computer Applications, vol. 181, no. 32, pp. 21-24, 2018 (https://doi.org/10.5120/ijca2018918280).
View in Google Scholar
A. Sagala and R.M. Hutabarat, "Private Cloud Storage Using OpenStack with Simple Network Architecture", Indonesian Journal of Electrical Engineering and Computer Science, vol. 4, no. 1, pp. 155-164, 2016 (https://ijeecs.iaescore.com/index.php/IJEECS/article/download/5803/4578).
View in Google Scholar
Downloads
Published
Issue
Section
License
Copyright (c) 2023 Andrzej Mycek
This work is licensed under a Creative Commons Attribution 4.0 International License.