A hierarchical, autonomous, and forecasting cloud IDS

Cloud computing supports distributed service oriented paradigm, multi-domain and multi-users administrative infrastructure. Due to the distributed nature of the cloud environment, it has high intrusion prospects and suspect of security infringements because the intruders can exploit the large amount of resources in cloud for their attacks. Furthermore, most of current Intrusion Detection System (IDS) solutions do not offer features for cloud environments. This paper presents a hierarchical, autonomous, and forecasting cloud based IDS (HAF-CIDS) that continuously monitors and analyzes system events and computes the risk level. The proposed system improves the detection accuracy through the integration with a forecasting engine that runs the Holt-Winters (HW) algorithm. HAF-CIDS uses HW forecast feature in detecting network aberrant behaviours. Furthermore, it can recover any corrupted data or affected services by interacting with an autonomous controller that selects the most appropriate response to detected attacks.