
Topic Name

A
Major Project Report
Submitted
in partial fulfillment
for the award of the Degree of

Bachelor of Technology
in Department of Computer Science and Engineering

Project Supervisor
Mr. Abhishek Khadolia
Assistant Professor

Submitted By
Student Name
Roll No.:

Department of Computer Science and Engineering


Rajasthan Institute of Engineering & Technology, Jaipur-302026
Rajasthan Technical University
Academic Session
2012-2013


Candidate's Declaration
I hereby certify that the work embodied in this project entitled "topic name" by
______________, roll no. _________, in partial fulfillment of the requirements for the award of
the degree of B.Tech. in CSE, submitted to the Department of Computer Science and Engineering,
Rajasthan Institute of Engineering and Technology, Jaipur, is an authentic record of my own
work carried out under the supervision of Mr. Abhishek Khadolia. The matter presented in this
dissertation has not been submitted by me to any other University/Institute for the award of any
other degree or diploma.

....
(Name of Student)
Roll No.:

This is to certify that the above statement made by the candidate is correct to the best of my
knowledge and belief.
...
(Abhishek Khadolia)
Assistant Professor
Department of CSE
RIET, Jaipur


Topic of the project

ABSTRACT
In today's economic environment, enterprises on the one hand try to balance and optimize their IT
budgets, while on the other hand the increasing vulnerability of organizational data to hacking and
other intrusive attacks causes enterprises financial disaster. The problem of intruder attacks on an
organization is not new to anyone: it may be a physical attack, such as stealing files from the
company's locker, or a network attack, such as a person sitting on a network other than the company's
network breaking the password of a computer with the intention of stealing files. Intruders are using
more advanced technologies, and their attacks are more frequent and more disastrous; hence the
security of an organization's network and information is of increasing concern nowadays. It became a
national threat in 2010; according to the CSA (Cloud Security Alliance), it is estimated that there are
top 07 network attacks on clouds, which is massive. [1] To protect an organization from these types
of attacks, certain policies and systems are implemented.

TABLE OF CONTENTS
CERTIFICATE
ACKNOWLEDGEMENT
ABSTRACT
AUTHOR'S PUBLICATIONS
LIST OF FIGURES
LIST OF TABLES
CHAPTER 1: INTRODUCTION
1.1 Motivation
1.2 Cloud Computing
1.3 Security in Cloud Computing
1.3.1 Common Threats to Cloud Computing
1.4 Intrusion Detection and Prevention System
1.5 Detection Methodologies
1.6 Problem Identification
1.7 Research Objectives
1.8 Research Methodology
1.9 Research Process
1.10 Organization of thesis
CHAPTER 2: HYBRID INTRUSION DETECTION SYSTEM
2.1 Introduction
2.2 Existing Hybrid Intrusion Detection System (HIDPS)
2.3 Proposed Work - Improved HIDS
2.3.1 Algorithm
2.3.2 Flowchart
CHAPTER 3: AN IMPROVED HIDS
3.1 Architectural Design
3.2 KFSensor
3.3 FlowMatrix
3.4 Design of a network in Packet Tracer
CHAPTER 4: IMPLEMENTATION OF AN IMPROVED HIDS
4.1 Analysis of Phase 1
4.2 Analysis of Phase 2
4.3 Analysis of Phase 3
CHAPTER 5: CONCLUSION
5.1 Conclusion
LIST OF REFERENCES

LIST OF TABLES

Table 1: Cloud Service Provider
Table 2: Anomaly event occurs on 2nd April at 9:52-10:52 a.m.
Table 3: Rule events
Table 4: Characteristics observed through overall experiment of KFSensor
Table 5: Anomaly event
Table 6: Rule events
Table 7: Characteristics observed while doing experiments with FlowMatrix
Table 8: Characteristics observed while doing experiments with KFSensor and FlowMatrix

LIST OF FIGURES

Figure 1: Cloud Computing
Figure 2: Layers of Cloud Computing
Figure 3: Public Cloud
Figure 4: Inter Cloud
Figure 5: Research Process
Figure 6: Flow Chart
Figure 7: Architectural Design
Figure 8: KFSensor
Figure 9: Dashboard Summary
Figure 10: Network Design in Packet Tracer
Figure 11: Activities by all the three nodes detected by KFSensor
Figure 12: Network Activity by the node 20.1.1.20
Figure 13: Network Activity by the node 20.1.1.40
Figure 14: Anomalous behavior capture by FlowMatrix
Figure 15: Anomaly Event count per minute on 2nd April at 9:52-10:52 am
Figure 16: Anomaly Detection in Subspace #1
Figure 17: Anomaly Detection in Subspace #1
Figure 18: Rules Triggered
Figure 19: Packet volume from all devices