Towards Self Adaptable Security Monitoring in IaaS clouds Anna Giannakou Advisors: Christine Morin, Jean-Louis Pazat, Louis Rilling.

Slides:



Advertisements
Similar presentations
© 2012 IBM Corporation Architecture of Quantum Folsom Release Yong Sheng Gong ( 龚永生 ) gongysh #openstack-dev Quantum Core developer.
Advertisements

CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks or: How to Provide Security Monitoring as a Service in Clouds? Seungwon.
Seamless migration from Nova-network to Neutron in eBay production Chengyuan Li, Han Zhou.
1 Security on OpenStack 11/7/2013 Brian Chong – Global Technology Strategist.
FI-WARE – Future Internet Core Platform FI-WARE Cloud Hosting July 2011 High-level description.
24 February 2015 Ryota Mibu, NEC
OpenContrail Quickstart
Undergraduate Poster Presentation Match 31, 2015 Department of CSE, BUET, Dhaka, Bangladesh Wireless Sensor Network Integretion With Cloud Computing H.M.A.
Microsoft Virtual Academy Module 4 Creating and Configuring Virtual Machine Networks.
SDN Problem Statement and Use Cases for Data Center Applications Ping Pan Thomas Nadeau November 2011.
CTS Private Cloud Status Quarterly Customer Meeting October 22, 2014.
Data Center Network Redesign using SDN
Presented by: Sanketh Beerabbi University of Central Florida COP Cloud Computing.
Vic Liu Liang Xia Zu Qiang Speaker: Vic Liu China Mobile Network as a Service Architecture draft-liu-nvo3-naas-arch-01.
Openstack on Openstack how to bootstrap a cloud Paul Voccio Director, Infrastructure Engineering Rackspace.
Ph No: Mob: ,plot No-27,NGGO's Colony, Pattabhi reddy gardens,Visakhapatnam-07 Open.
Synchronized Co-migration of Virtual Machines for IDS Offloading in Clouds Kenichi Kourai and Hisato Utsunomiya Kyushu Institute of Technology, Japan.
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
User-driven Networking in IaaS Clouds Daniel Kouril, Tomas Rebok, Michal Prochazka Masaryk University/CESNET EGI-Geant Symposium, 27th September 2014.
EGI-InSPIRE RI EGI Webinar EGI-InSPIRE RI Porting your application to the EGI Federated Cloud 17 Feb
Co-ordination & Harmonisation of Advanced e-Infrastructures for Research and Education Data Sharing Grant.
CON8473 – Oracle Distribution of OpenStack Ronen Kofman Director of Product Management Oracle OpenStack September, 2014 Copyright © 2014, Oracle and/or.
CIS 221 Lesson 2. What is the first phase of the of the Installation of Windows XP? MS-DOS phase Why is the MS-DOS phase needed? the computer required.
Issues in Cloud Computing. Agenda Issues in Inter-cloud, environments  QoS, Monitoirng Load balancing  Dynamic configuration  Resource optimization.
IPv6 Infrastructure Support in OpenStack
OpenStack.
1/27/2018 5:13 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Security on OpenStack 11/7/2013
Online Canon Printer Support & Customer Services
Cloud Technology and the NGS Steve Thorn Edinburgh University (Matteo Turilli, Oxford University)‏ Presented by David Fergusson.
Microsoft Azure Deployment Planning Services
Smart Cities and Communities and Social Innovation
The advances in IHEP Cloud facility
ONAP Installation Eric Debeau, Orange
IT Services Katarzyna Dziedziniewicz-Wojcik IT-DB.
Leading New ICT, Making eFinance More Effective.
StratusLab First Periodic Review
Elastic Computing Resource Management Based on HTCondor
Research on an universal Openstack upgrade solution
StratusLab Final Periodic Review
StratusLab Final Periodic Review
Ops Manager API, Puppet and OpenStack – Fully automated orchestration from scratch! MongoDB World 2016.
Windows Azure Cloud Visit – Ravindra verma.
Microsoft Azure Deployment Planning Services
Use Cases and Requirements for I2NSF_
Anna Giannakou Christine Morin, Jean-Louis Pazat, Louis Rilling
OpenStack Ani Bicaku 18/04/ © (SG)² Konsortium.
Microsoft Azure Deployment Planning Services
Cloud Technology Group
The Brocade Cloud Manageability Vision
OPNFV Arno Installation & Validation Walk-Through
Private Cloud Deployment MCS service line Offering
Microsoft Ignite NZ October 2016 SKYCITY, Auckland.
Ease OpenStack : Non-Containerized to Containerized
JD Edwards Support and Oracle Cloud Infrastructure: A Successful Path to Oracle Cloud
Microsoft Ignite NZ October 2016 SKYCITY, Auckland.
20409A 7: Installing and Configuring System Center 2012 R2 Virtual Machine Manager Module 7 Installing and Configuring System Center 2012 R2 Virtual.
Обзор Windows Azure Connect
Concept of VLAN (Virtual LAN) and Benefits
Microsoft Virtual Academy
Private Cloud Deployment MCS service line Offering
Upgrading Your Private Cloud with Windows Server 2012 R2
Future Internet: Infrastructures and Services
COMP4442 Cloud Computing: Assignment 1
OpenStack Summit Berlin – November 14, 2018
Harrison Howell CSCE 824 Dr. Farkas
Bending Ironic for Big Iron
06 | SQL Server and the Cloud
Presentation transcript:

Towards Self Adaptable Security Monitoring in IaaS clouds Anna Giannakou Advisors: Christine Morin, Jean-Louis Pazat, Louis Rilling

Presentation outline  Security monitoring in clouds  Self-adaptable Intrusion Detection System  Preliminary Results  Technical aspects 2

Security monitoring in clouds

Infrastructure as a Service clouds 4

5

6

7

8

9

Network Intrusion Detection Systems 10 Passively inspect traffic (monitor & notify) Out of band placement Rule based configuration

The need for adaptable security monitoring  IaaS cloud environments are very dynamic  Topology-related changes (VM creation, deletion, migration)  Traffic load fluctuation  Service addition/removal  Traditional security monitoring is ineffective  Reconfiguration of monitoring system should be automated  Several actors with different security requirements  Tenants express their requirements through SLA 11

Self-Adaptable Intrusion Detection System

Self-adaptable security monitoring engine-SAIDS (1) 13

Self-adaptable security monitoring engine-SAIDS (2) 14

Self-adaptable security monitoring engine-SAIDS (3) 15

Self-adaptable security monitoring engine-SAIDS (4) 16

Self-adaptable security monitoring engine-SAIDS (5) 17

Preliminary results

19 4

Technical aspects

OpenStack deployment  Version Juno  3 nodes (1 controller - 2 compute )  DevStack multi-node installation   OpenvSwitch on every node – (for kernel 3.2 version )   GRE tunnels for inter-VM communication

Deployment steps 1. Reserve nodes & vlan  (oarsub, …) 2. Deploy environment (Trusty 12.04)  Kadeploy3, … 3. Run custom deployment script  (Automatic update of local.conf &./stack.sh) 4. Reconfigure external connectivity due to openvSwitch setup 1. br-ex as the main interface on controller node 5. Repeat step 3 for compute nodes

Deployment issues  Overall deployment time ~ min  Additional time for:  registering VMs with glance  Injecting OpenFlow rules  Further automation for not deploying OpenStack everytime :  Reconfigure.conf files for all services (nova, glance,…)  Restart services  Limitations: VM image size (environment file gets too big)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.