IDS in cloud computing a novel multi-agent specification method

Intrusion detection systems (IDS) are most efficient way of defending against network-based attacks aimed at computer systems. These systems are used in almost all large-scale IT infrastructures. As part of the migration to cloud services, the situation is even more complex because of the characteristics of cloud, everything is virtual. The number of virtual machines (VM) changes dynamically according to the resource requirement of the requested processing and can be of the order of thousands to tens of thousands. Each VM has an IDS adapted to its services (web server, mail server, ftp server, etc.) and to increase the performance we can use different types of IDS (signature-based IDS, anomaly-based IDS) in one machine. Due to their complex nature, IDS in a cloud environment are extremely difficult to specify and validate. In this paper, we propose a new formal model for the specification and the validation of such systems. This approach considers these Systems as a Multi-Agent System consisting of concurrent reactive agents that cooperate with each other to achieve the desired functionality. In addition, this approach uses formal synchronous specification and verification tools in order to specify and to verify the systems behaviors. © 2005-2016 JATIT & LLS. All rights reserved.