Monitoring, Management, and Analysis of Security Aspects of IaaS Environments

• Autorzy: Mycek Andrzej

Identyfikatory

DOI

10.26636/jtit.2023.4.1419

• Języki publikacji: EN

Abstrakty

EN

Many companies or institutions either already have placed their resources in or plan to move them to the cloud. They do so for security reasons and are weary of the fact that by relying on cloud-based resources, they do not have to bear such extensive infrastructure-related costs. However, continuous technology advancement results not only in benefits, but also in disadvantages. The latter include the growing risk associated with IT security, forcing the individual actors to implement monitoring measures and to respond to numerous threats. This work focuses on creating a small infrastructure setup using the publicly available Google Cloud Platform which, thanks to the monitoring systems implemented thereon, allows to rapidly respond to hardware and software faults, including those caused by external factors, such as attacks on specific components. This project may also be customized to satisfy individual needs, depending on the cloud service provider selected. The work uses public cloud provider tools as well as open-source systems available for everyone, both in the cloud and in the onprem environment. The paper deals also with the concept of a proprietary intrusion detection system.

Słowa kluczowe

EN

cybersecurity; IaaS; monitoring; Wazuh; Zabbix

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2023
• Tom: nr 4
• Strony: 108--116
• Opis fizyczny: Bibliogr. 20 poz., rys.

Twórcy

autor

Mycek Andrzej

• Department of Computer Science Cracow University of Technology, Cracow, Poland

• https://orcid.org/0000-0002-2720-6071

Bibliografia

• [1] G. Rodrigues et al., “Monitoring of Cloud Computing Environments: Concepts, Solutions, Trends, and Future Directions”, SAC ’16: Proceedings of the 31st Annual ACM Symposium on Applied Computing, pp. 378–383, 2016 (https://doi.org/ 10.1145/2851613.2851619).
• [2] M. Birje, P. Challagidad, R.H. Goudar, and M. Tapale, “Cloud Computing Review: Concepts, Technology, Challenges and Security”, International Journal of Cloud Computing, vol. 6, no. 1, pp. 32 –57 , 2017 (https://doi.org/10.1504/IJCC.2017.083905).
• [3] M.G. Azam, “Application of Cloud Computing in Library Management: Innovation, Opportunities and Challenges”, International Journal of Multidisciplinary, vol. 4, no. 1, pp. 2– 11, 2019 (https: //doi.org/10.5281/zenodo.2536637).
• [4] L. Qian, Z. Luo, Y. Du, and L. Guo, “Cloud Computing: An Overview”, IEEE International Conference on Cloud Computing, pp. 626–631 , 2009 (https://doi.org/ 10.1007/978- 3- 642- 10665-1_63).
• [5] L. Devadass, S.S. Sekaran, and R. Thinakaran, “Cloud Computing In Healthcare”, International Journal of Students Research in Technology and Management, vol. 5, no. 1, pp. 25–31, 2017 (https://doi.org/10.18510/ijsrtm.2017.516).
• [6] D. Sullivan, “Overview of Google Cloud Platform”, in: Official Google Cloud Certified Associate Cloud Engineer Study Guide, John Wiley& Sons, pp. 1–14 , 2019 (https://doi.org/ 10. 1002/ 9781119564409.ch1).
• [7] A. Vázquez, C. Dafonte, and Á. Gómez, “Open Source Monitoring System for IT Infrastructures Incorporating IoT-Based Sensors”, Proceedings, vol. 54 , no. 1, art. no. 56 , 2020 (https://doi.or g/10.3390/proceedings2020054056).
• [8] M. Copeland, “Other Azure Security Services”, in:Cloud Defense Strategies with Azure Sentinel. Apress, pp. 39– 75, 2021 (https: //doi.org/10.1007/978-1-4842-7132-2_2).
• [9] T. Svoboda, J. Horalek, and V. Sobeslav, “Behavioral Analysis of SIEM Solutions for Energy Technology Systems”, Context-Aware Systems and Applications, and Nature of Computation and Communication, 9th EAI International Conference, ICCASA 2020, and 6th EAI International Conference, ICTCC 2020, pp. 265 –276 , 2021 (https://doi.org/10.1007/978-3-030-67101-3_21).
• [10] A. Mycek, D. Grzonka, and J. Tchórzewski, “Agent-Based Simulation and Analysis of Infrastructure-as-Code Process to Build and Manage Cloud Environment”, ECMS 2023: Proceedings of the 37th ECMS International Conference on Modelling and Simulation, pp. 513–520, 2023 (https://doi.org/10.7148/2023-0513).
• [11] D. Gupta, S. Bhatt, M. Gupta, O. Kayode, and A.S. Tosun, “Access Control Model for Google Cloud IoT”, 2020 IEEE 6th Intl Conference on Big Data Security on Cloud, BigDataSecurity 2020, 2020 IEEE Intl Conference on High Performance and Smart Computing, HPSC 2020 and 2020 IEEE Intl Conference on Intelligent Data and Security,IDS 2020, Baltimore, USA, pp. 198– 208, 2020 (https://doi.org/10.1109/BigDataSecurity-HPSC-IDS49724.2020.00044).
• [12] H. Zahid, S. Hina, M.F. Hayat, and G. A. Shah, “Agentless Approach for Security Information and Event Management in Industrial IoT”, Electronics, vol. 12, no. 8, art. no. 1831, 2023 (https://doi.org/10.3390/electronics12081831).
• [13] C.N. Modi, D.R. Patel, A. Patel, and R. Muttukrishnan, “Bayesian Classifier and Snort based Network Intrusion Detection System In Cloud Computing”, Third International Conference on Computing, Communication and Networking Technologies, Coimbatore, India, pp. 1– 7, 2012 (https://doi.org/ 10.1109/ICCCNT.2012.6396086).
• [14] C.N. Modi et al., “A Survey of Intrusion Detection Techniques In Cloud”, Journal of Network and Computer Applications, vol. 36, no. 1, pp. 42–57, 2013 (https://doi.org/10.1016/j.jnca.2012.05.003).
• [15] Y. Mehmood, A. Shibli, U. Habiba, and R. Masood, “Intrusion Detection System in Cloud Computing: Challenges and Opportunities”, Conference Proceedings - 2013 2nd National Conference on Information Assurance, NCIA 2013, Rawalpindi, Pakistan, pp. 59– 66, 2013 (https://doi.org/10.1109/NCIA.2013.6725325).
• [16] U. Oktay and O.K. Sahingoz, “Proxy Network Intrusion Detection System for Cloud Computing”, 2013 The International Conference on Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), Konya, Turkey, pp. 98– 104, 2013 (https: //doi.org/10.1109/TAEECE.2013.6557203).
• [17] W. Elmasry, A. Akbulut, and A.H. Zaim, “A Design of an Integrated Cloud-based Intrusion Detection System with Third Party Cloud Service”, Open Computer Science, vol. 11, no. 1, pp. 365–379 , 2021 (https://doi.org/10.1515/comp-2020-0214).
• [18] A. Patel, M. Taghavi, K. Bakhtiyari, and J. Celestino Junior, “An Intrusion Detection and Prevention System in Cloud Computing: A Systematic Review”, Journal of Network and Computer Applications, vol. 36, no. 1, pp. 25– 41, 2013 (https://doi.org/ 10.1016/j.jnca.2012.08.007).
• [19] A. Tasneem, A. Kumar, and S. Sharma, “Intrusion Detection Prevention System Using SNORT”, International Journal of Computer Applications, vol. 181, no. 32, pp. 21–24, 2018 (https: //doi.org/10.5120/ijca2018918280).
• [20] A. Sagala and R.M. Hutabarat, “Private Cloud Storage Using Open-Stack with Simple Network Architecture”, Indonesian Journal of Electrical Engineering and Computer Science, vol. 4, no. 1, pp. 155–164, 2016 (https://ijeecs.iaescore.com/index.php/IJEECS/article/download/5803/4578).