Quantification of the Impact of Elastic Cloud Environment Properties on IDS Benchmarking Metrics
In this thesis, you will perform experiments that involve use of novel intrusion detection systems (IDSes) in order to investigate the relationship between the performance of these systems and the elastic properties of virtualized cloud environments in which they operate.
The wide migration to the increasingly popular virtualized cloud environments is heavily challenged by security concerns. In order to reduce the chance for security breaches, the research and the industrial communities have developed novel IDSes that are specifically designed to operate in virtualized environments. In order to accurately measure the performance of these IDSes, one needs to take into consideration the novel elastic properties of cloud environments (i.e., the ability to provide resources to an IDS during operation) that apply exclusively to them. Thus, one needs to empirically measure the impact of cloud environment elastic properties on an IDS performance in order to demonstrate the magnitude of such impact. On a long-term basis, such undertaking would support further research towards more accurate quantification of performance of IDSes for virtualized cloud environments.
The central focus of this thesis is to measure and to consequently compare the performance of an IDS for virtualized environments in terms of its ability to detect attacks in two scenarios: (i) when the IDS is deployed in a realistic virtualized environment without elastic properties; and (ii) when the IDS is deployed in a realistic virtualized environment with elastic properties (e.g., the IDS may be provided with computing and/or memory resources during operation). The comparison of the measured IDS performance results should represent an analysis which carefully investigates the impact of the previously mentioned elastic features on the measured IDS performance metric values. The experiments in scope of this thesis will be performed in state-of-the art virtualization platforms and involve use of novel intrusion detection systems.
- State-of-the-art virtualized platforms and intrusion detection systems
- Excellent working environment and intensive mentoring
- Collaboration with the SPEC RG IDS Benchmarking Working Group
- Motivation and commitment
- Interest in system and network security
- Experience in system and network security is a plus
- Experience in C and in virtualization technologies is a plus
Aleksandar Milenkoski, M.Sc.
- 12-BA_AMi_QuantificationIDS.pdf715 K