HIDCC: A hybrid intrusion detection approach in cloud computing

Summary The rapid growth of distributed computing systems that heavily communicate and interact with each other has raised the importance of confrontation against cyber intruders, attackers, and subversives. With respect to the emergence of cloud computing and its deployment all over the world, and because of its distributed and decentralized nature, a special security requirement is needed to protect this paradigm. Intrusion detection systems could differentiate usual and unusual behaviors by means of supervising, verifying, and controlling the configurations, log files, network traffic, user activities, and even the actions of different processes by which they could add new security dimensions to the cloud computing systems. The position of the intrusion detection mechanisms in cloud computing systems as well as the applied algorithms in those mechanisms are the 2 main factors in which many researches have focused on. The goal of those researches is to uncover intrusions as much as possible and to increase the rate and accuracy of detections while reducing the false warnings. Those solutions, however, mainly have high computational loads, low accuracy, and high implementation costs. In this paper, we present a comprehensive and accurate solution to detect and prevent intrusions in cloud computing systems by using a hybrid method, called HIDCC. The implementation results of the proposed method show that the intrusion coverage, intrusion detection accuracy, reliability, and availability in cloud computing systems are considerably increased, and false warnings are significantly reduced.