Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: ICNC-FSKD 2015
Guest editors: Zheng Xiao and Kenli Li
Article type: Research Article
Authors: Chan, Gaik-Yeea | Chua, Fang-Fanga | Lee, Chien-Singb; *; 1
Affiliations: [a] Faculty of Computing and Informatics, Multimedia University, Persiaran Multimedia, Cyberjaya, Malaysia | [b] Faculty of Science and Technology, Sunway University, Sunway City, Selangor, Malaysia
Correspondence: [*] Corresponding author. Chien-Sing Lee, Faculty of Science and Technology, Sunway University, Sunway City, 47500 Selangor, Malaysia. Tel.: +60 3 74918622; E-mail: chiensingl@sunway.edu.my.
Note: [1] The corresponding author was a former faculty at Universiti Tunku Abdul Rahman, Malaysia when the research was conducted.
Abstract: Cloud computing inherits all the systems, networks as well as Web Services’ security vulnerabilities, in particular for software as a service (SaaS), where business applications or services are provided over the Cloud as Web Service (WS). Hence, WS-based applications must be protected against loss of integrity, confidentiality and availability when they are deployed over to the Cloud environment. Many existing IDP systems address only attacks mostly occurring at PaaS and IaaS. In this paper, we present our fuzzy association rule-based (FAR) and fuzzy associative pattern-based (FAP) intrusion detection and prevention (IDP) systems in defending against WS attacks at the SaaS level. Our experimental results have validated the capabilities of these two IDP systems in terms of detection of known attacks and prediction of new variant attacks with accuracy close to 100%. For each transaction transacted over the Cloud platform, detection, prevention or prediction is carried out in less than five seconds. For load and volume testing on the SaaS where the system is under stress (at a work load of 5000 concurrent users submitting normal, suspicious and malicious transactions over a time interval of 300 seconds), the FAR IDP system provides close to 95% service availability to normal transactions. Future work involves determining more quality attributes besides service availability, such as latency, throughput and accountability for a more trustworthy SaaS.
Keywords: Intrusion detection, intrusion prevention, software as a service, fuzzy association rule, web service
DOI: 10.3233/JIFS-169007
Journal: Journal of Intelligent & Fuzzy Systems, vol. 31, no. 2, pp. 749-764, 2016
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl