Design and Implementation of Enhanced Intrusion Detection and Protection System for IPv4/IPv6 Dual-Stack Cloud Security with Feature Learning

• Main Authors: CHEN, JIAN-YUAN, 陳建源
• Other Authors: CHEN, KIM-JOAN
• Format: Others
• Language: zh-TW
• Published: 2018
• Online Access: http://ndltd.ncl.edu.tw/handle/8m7efq

碩士 === 國立中正大學 === 通訊工程研究所 === 106 === With the rapid development of cloud computing and virtualization technologies, cyber attackers would have a chance to use the cloud service or Internet of Things (IoT) environment as an attack platform. All information shows us that attack platforms and tools are more easily to obtain. In this regard, cloud providers also developed many types of services for users, such as OpenStack. An open source cloud platform developed cloud service called Firewall as a Service (FaaS) for users to filter the network suspicious traffic from internet. With the increase of network devices and services, IPv4 address in the Asia-Pacific region are already full released in 2011. In the future, IoT and cloud computing need the large demand of IP address to support more network services. The cloud environment is also required management if the large of Virtual Machines (VM) are used IP address. To solve this issue, IPv6 is an effective way to reduce the IPv4 address shortage and IP address requirement. The 128-bit IPv6 address is sufficient for each person to assign one million IPv6 address. However, the large amount of address space also creates network management difficulties and diversity of network threats. Therefore, this paper proposed that virtual security devices of different tenants could improve the suspicious traffic detection of Rule-based IDS by using machine-learning technology under IPv6 cloud security. In addition, we design the defense collaboration strategy for different tenants to prevent VMs from launching or suffering attack by the same feature traffic. This research will focus on improving the detection of IPv6 real-time attack traffic for intrusion detection system. These three technologies of cloud environment, virtual security devices and machine learning are used to implement cloud security detection system to improve tenants’ security level.