Alina Oprea Associate Professor, CCIS Northeastern University

Presentation transcript:

MOSAIC: A Platform for Monitoring and Security Analytics in Public Clouds
Alina Oprea, Associate Professor, CCIS, Northeastern University
IEEE SecDev, November 3rd, 2016

Public clouds
- Diagram labels: Public cloud, Management, Compute, Storage, Billing, Authentication, Compute mgmt, Storage mgmt, SDN, VM, Physical, Hypervisor, Users, Networking
- Trustworthy infrastructure
- Sharing of resources

What are the threats?
Top threats according to Cloud Security Alliance (CSA)
- Perspectives shown: Cloud provider, Users
- Co-location with malicious tenants
- Side-channel attacks (cache, network, storage)
- Breach of confidential information
- VMs infected with malware
- Application exploit
- Denial of service
- Server breaches
- Malicious tenants
- Credential compromise
- Cloud abuse

Analytics-based defenses
Goals
- Correlate data sources from multiple cloud layers
- Analytics techniques to detect a wide range of threats
- Protection of cloud infrastructure
- Enable cloud users to protect their resources
- Protect users' privacy

Data collection
Monitoring infrastructure
- Performance metrics from physical layer (CPU, I/O, memory, disk, power) - Sensu
- VM utilization - Ceilometer
- Cloud management logs (Nova, Keystone, Horizon)
Network traffic collection
- Currently staging area experiments
- Plan to deploy in Engage1 environment
- Configure Brocade fabric to collect sFlow

Account profiling for authentication
- Detect credential compromise
- Developers leak their AWS passwords in GitHub
- Build user profiles based on historical data
- Login information (IP address, time)
- VM usage (CPU, memory, disk)
- Anomaly detection
- Detect unusual activities
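One way to implement the profile-then-flag idea on this slide, as an added example that is not part of the original presentation or of MOSAIC itself: per-account profiles are built from constructed login history (source /24 and hour of day), and each new login is scored against them. The record layout, thresholds and function names are assumptions.

```python
from collections import defaultdict
from datetime import datetime
from ipaddress import ip_network

# Constructed sample history: (account, source IP, UTC timestamp).
HISTORY = [
    ("alice", "198.51.100.10", "2016-10-03T09:12:00"),
    ("alice", "198.51.100.10", "2016-10-04T08:55:00"),
    ("alice", "198.51.100.23", "2016-10-05T09:40:00"),
    ("alice", "203.0.113.7", "2016-10-06T17:05:00"),
    ("alice", "198.51.100.10", "2016-10-07T10:02:00"),
    ("alice", "198.51.100.31", "2016-10-10T09:18:00"),
    ("bob", "203.0.113.90", "2016-10-10T14:00:00"),
]

def prefix(ip, bits=24):
    """Collapse an address to its /24 so address churn inside one site is not flagged."""
    return str(ip_network(f"{ip}/{bits}", strict=False))

def build_profiles(history):
    """Per account: set of source networks seen, login count per hour of day."""
    profiles = defaultdict(lambda: {"nets": set(), "hours": defaultdict(int), "n": 0})
    for user, ip, ts in history:
        p = profiles[user]
        p["nets"].add(prefix(ip))
        p["hours"][datetime.fromisoformat(ts).hour] += 1
        p["n"] += 1
    return profiles

def score_login(profiles, user, ip, ts, hour_window=2, min_history=5):
    """Return the reasons a login deviates from the profile (empty list = normal)."""
    p = profiles.get(user)
    if p is None or p["n"] < min_history:
        # Too little data to judge: report it rather than silently passing.
        return ["insufficient-history"]
    reasons = []
    if prefix(ip) not in p["nets"]:
        reasons.append("new-network")
    hour = datetime.fromisoformat(ts).hour
    # Count historical logins within +/- hour_window, wrapping around midnight.
    nearby = sum(p["hours"].get((hour + d) % 24, 0)
                 for d in range(-hour_window, hour_window + 1))
    if nearby == 0:
        reasons.append("unusual-hour")
    return reasons

if __name__ == "__main__":
    prof = build_profiles(HISTORY)
    print(score_login(prof, "alice", "192.0.2.44", "2016-11-01T03:05:00"))
```

A login that returns both reasons at once is a stronger signal of credential compromise than either alone, which is where correlating it with VM usage data would come in.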

Network traffic analysis
- Diagram labels: sFlow collector, MongoDB
Use cases
- Detect suspicious communication with external IP addresses
- Detect data exfiltration attempts
- Prevent cloud abuse
- Malware infection, application exploits, illegal use of cloud

Quantify workload privacy
- Diagram labels: App, VM, Hypervisor, Physical, Networking, Performance metrics, NetFlow/sFlow
- What can be inferred about workloads?
- Strict privacy requirements in public clouds
- Users should specify their preferences
Metrics
- Quantify privacy experimentally
- Information theoretical metrics
- How to monitor user workloads while preserving user privacy?
- What data should be collected?
- What level of aggregation?

Analytics for cloud security
- Provide recommendations to other cloud providers
- Securing public clouds is a shared responsibility between cloud provider and tenants
- Design data collection and analytics APIs to enable the cloud provider and tenants to use analytics for security
- Protect workload privacy respecting users’ preferences

Northeastern University Cybersecurity & Privacy Institute
Xinming Ou
Alina Oprea, a.oprea@neu.edu