A Review of Network Intrusion Detection and Countermeasure Selection in Virtual Network Systems

Nowadays every industry and even some parts of the public sector are using cloud computing, either as a provider or as a consumer. But there are many security issues present in cloud computing environment. There are many possible attacks in cloud computing environment, One such attack is the DoS or its version DDoS attack. Generally, attackers can explore vulnerabilities of a cloud system and compromise virtual machines to deploy further large-scale Distributed Denial-of-Service (DDoS). DDoS attacks usually involve early stage actions such as low frequency vulnerability scanning, multi-step exploitation and compromising identified vulnerable virtual machines as zombies and finally DDoS attacks using the compromised zombies. Inside the cloud system, especially the Infrastructure-as-a-Service clouds, the detection of zombie exploration attacks is very difficult. To prevent vulnerable virtual machines from being compromised in the cloud, we propose a multi-phase distributed vulnerability detection, measurement, and countermeasure selection mechanism called NICE, which is built on attack graph based systematic models and reconfigurable virtual network-based countermeasures. This paper provides a short Reveiw on the techniques to network intrusion detection and countermeasure selection in virtual network system.