Cloud Based Security Center: To Protect Networking Attack by Forensic Scrutiny

As Internet, security problems are still a big challenge as there are many security events occurred. The underground economics based on Internet Scam and Fraud is booming. These attackers initiate more and more E-crime attacks and abuse, such as Spams, Phishing attack, Internet worms etc. Firewalls, Intrusion Detection System (IDS) and Anti-Virus Gateway are now widely deployed in edge-network to protect end-systems from the attacks. When the malicious attacks have fixed patterns, they can be easily identified and matching these patterns. For example, the Distributed Denial of service (DDoS) contains very few, if any, signatures strings to identify. Nowadays DDoS attacks are likely launched by a large volume of botswhich forms a Botnet controlled by bot master. The bots are commanded to generate attack new victim machine and enlarge botnet. The bots also commanded to conduct other issues such as disseminating spam or launching Distributed Denial-of-Service (DDoS) attacks to victim hosts. To countermeasure botnet, secure overlay is proposed. To prevent distributed attacks, collaboration is needed, so we used Collaborative Network SecurityManagement System (CNSMS).