Decision Tree based counter measures for Host-based IDS in Encrypted Network: A General Survey

Abstract

Providing Cloud security is one of challenging issues that has attracted a lot of research and development effort in last few years. In general, in very first step attackers tries to explore vulnerabilities of a cloud system and forces virtual machines to deploy further Distributed Denial-of-Service (DDoS) at a large-scale. DDoS attacks i.e variation of DOS attack usually involve early stage actions such as scanning low-frequency vulnerabilities, multistep exploitation and compromising identified vulnerable virtual machines as zombies and then at last achieving DDoS attacks through the compromised zombies. Within the cloud system, mainly in Infrastructure as a Service (IaaS) clouds, detecting zombie exploration attacks is extremely difficult. The main reason behind this may be that the cloud users may install vulnerable applications on their virtual machines. So that the security of the virtual machines get compromised. To avoid vulnerable virtual machines from being compromised in the cloud there is need of a multiphase distributed vulnerability detection, measurement, countermeasure selection mechanism. The security mechanism can be built based on attack graph-based analytical models and reconfigurable virtual network-based counter measures.