Detalhes bibliográficos
| Ano de defesa: |
2014 |
| Autor(a) principal: |
RODRIGUES, Dhileane de Andrade
 |
| Orientador(a): |
ABDELOUAHAB, Zair
|
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Universidade Federal do Maranhão
|
| Programa de Pós-Graduação: |
PROGRAMA DE PÓS-GRADUAÇÃO EM ENGENHARIA DE ELETRICIDADE/CCET
|
| Departamento: |
Engenharia
|
| País: |
BR
|
| Palavras-chave em Português: |
|
| Palavras-chave em Inglês: |
|
| Área do conhecimento CNPq: |
|
| Link de acesso: |
http://tedebc.ufma.br:8080/jspui/handle/tede/521
|
Resumo: |
Cloud computing is increasingly in evidence in the world for its elasticity, in providing resources. The characteristics of cloud computing make the environment attractive for intrusion and therefore vulnerable to attack. Therefore, there is a need for adequate tools to provide security in the cloud. A tool that is currently proposed to maintain security in the cloud is the Intrusion Detection Systems (IDS), since its objective is to identify individuals who attempt unauthorized use an or abusive the system with its privileges . Although numerous studies aimed at detection area intrusion into the cloud computing environment, there are many problems faced in area, such as: the elasticity of the components, selfprotection, the availability of the services, self-resilient study with no single point of failure and automatic response actions based on the set of policies. To properly perform the function in the cloud, the IDS should have the ability to quickly increase or decrease the number of sensors, according to the elasticity of the cloud. Besides providing the ability to expand, the SDI should ensure reliability and availability of their own applications. An SDI in the cloud should continue its services even before failures, especially failures arising from malicious actions. This dissertation proposes a mechanism for fault tolerance and Internal Elastic Cloudbased Intrusion Detection System (EICIDS), an intrusion detection system based on dynamic virtualization. The mechanism uses some technique: monitoring system, echo and replication. The mechanism has a group of components that monitor the system to collect the IDS behavior and information of the Virtual machines (VMs) to provide adequate recovery. Using the information that is collected, the system can: find the inactive VMs; discover VMs with malicious actions and discover applications being used in an improper form. Replication occurs at the moment no communication exists between the components of SDI nodes that are located in the element and Central. In addition, this monitoring allows also perform other important tasks such as signal output for all VMs if a malicious action is detected, block malicious user, and monitoring of the central element, to ensure the safety of SDI itself (selfprotection). The implementation of the proposed architecture and testing demonstrate the feasibility of the solution. |
