A design of firewall based on feedback of intrusion detection system in cloud environment

Xiaoyu Ma, Xiao Fu, Bin Luo, Xiaojiang Du, Mohsen Guizani

Research output: Contribution to journalConference articlepeer-review

17 Scopus citations

Abstract

Security is critical to cloud services, this paper introduces a design of firewall, which based on IDS's feedback t change rules in order to detect attack flexible. It combines firewall and Intrusion Detection Systems(IDS) by using Intrusion Detection Systems, which detects ICMP, TCP, UDP attacks. Usually, a cloud service is a service built on a virtual machine. The virtual device is virtualized to achieve the purpose of multiplexing. Therefore, if you want to implement cloud security detection, you can listen to the physical device's network card. There are two types of Intrusion Detection System, one is host- based intrusion detection system(HIDS) and another is network intrusion detection system(NIDS). What's more, in order to highlight the importance of the firewall, the IDS monitoring data is analyzed and added to the firewall's defense strategy automatically. Finally, we measure the effectiveness of the system by False Negative(FN) and False Positive(FP), and verify that feedback plays a crucial role in improving the effectiveness of the system, improving the efficiency of the entire system filtering attacks.

Original languageEnglish
Article number9013771
JournalProceedings - IEEE Global Communications Conference, GLOBECOM
DOIs
StatePublished - 2019
Event2019 IEEE Global Communications Conference, GLOBECOM 2019 - Waikoloa, United States
Duration: 9 Dec 201913 Dec 2019

Keywords

  • Feedback
  • Firewall
  • Intrusion Detection System
  • Network traffic

Fingerprint

Dive into the research topics of 'A design of firewall based on feedback of intrusion detection system in cloud environment'. Together they form a unique fingerprint.

Cite this