Durga Suresh PhD Proposal Review

Title: Network Security Management and Threat Mitigation in the Open Cloud

Committee Members:
Prof. Miriam Leeser (Advisor)
Prof. Michael Zink
Prof. Xiaolin Xu

Abstract:
Cloud computing and advanced cyberinfrastructures are increasingly vital to the functioning of Internet systems. Every day, more devices are added to the cloud, to provide greater resource utilization, availability, and scalability. Due to the expanding reliance on cloud computing, securing the cloud is paramount. Tackling the issue of securing the cloud is crucial not only for preserving the functionality and reliability of cloud-based systems but also for protecting the critical data and services that depend on these platforms.

Cloud computing models include public clouds, private clouds, community clouds, and hybrid clouds. Private, community, and hybrid clouds provide security, but with an important trade-off; namely, user access restriction in the cloud. The proposed research uses the Open Cloud Testbed (OCT) which is part of the National Science Foundation’s (NSF) Computer and Information Systems Engineering(CISE) Community Research Infrastructure(CRI) program. OCT is an example of a public cloud that allows users two things: 1) an isolated set of nodes to perform experiments with bare metal access, which can potentially lead to security issues, and 2) the ability to test out the solutions for both using the cloud and adding security to it. The proposed research aims to target a system like the OCT, specifically targeting a public cloud environment.

This system will be designed to allow access to the switch, enabling control and management of traffic within the cloud network. This research aims to mitigate network security threats in the public cloud network. The aim of this research is multifold. First, we identify and classify the behavior of users in the cloud. We then provide an approach to creating a network security management policy that will deal with 1)detecting network intruders that scan the cloud network and remove their access to the network, and  2) managing heavy hitters that can cause Denial of Service (DOS) and Distributed Denial of Service (DDOS) attacks in the cloud network by using the heavy hitter detection system and prevent them from putting more traffic on the network. Both network intruder detection and heavy hitter management systems use Access Control Lists (ACL)as a means to prevent the user from putting traffic on the cloud network. Lastly, we perform experiments to handle these threats and measure the success of the experimental setup concerning network attacks. The proposed approach will ensure network security by creating a framework for network security management policy to minimize threats in the cloud network and other resources directly attached to the network. The proposed research aims to enhance cybersecurity by employing network intruder detection techniques to identify potential threats, implementing heavy hitter management to mitigate threats effectively, and developing and enforcing a network security management policy to prevent future threats.