Comparative Analysis: Intrusion Detection in Multi-Cloud Environment to Identify Way Forward

Cloud computing is the emerging platform that is covering individual and corporate needs swiftly. The spread of this global platform is ranging from infrastructure to various middleware, front-end and back- end services. At corporate level, another effective configuration of this phenomenon is multi-cloud environment, which is depicting the ultimate control of the end-user on engaging services from various cloud service providers depending on the service ranking, cost and availability. It is therefore, now very much desirable to have infrastructure services from one service provider while data services are performed on another cloud or having infrastructure services in a distributed environment on multiple clouds. Multi-cloud environment is closely linked with smartly configured security mechanism to ensure the security at rest and in transit. Intrusion detection at various levels and services of cloud platform is not an easy task and when it is spread over multiple clouds then the challenge becomes more complex and tedious. On the other side, managing and integrating a multi-cloud computing environment is also highly complex. From technical point of view, it requires experience and hi-tech skills to formulate sustainable integration between multiple clouds and a coherence among various services to provide an encapsulated platform for the end-user. As in a multicolor environment, the integration can be focused on Infrastructure-as-a-Service (IaaS), Software-as-a-Service (SaaS) and Platform-as-a-Service (PaaS) from various cloud service providers therefore an API-consistent cloud environment is required which leads to the security and more specifically intrusion detection. The problem arises when most of the existing network based intrusion detection systems are designed to deal with the known threats and attacks. These systems are dependent on a rule base that is sufficient to work in certain environment but in case of multi-cloud integration, such fixed rule bases and known-resilience becomes a point of concern. It is therefore, required to look at the intrusion detection system, which may adapt the environmental changes as well as can at least indicate the unknown / anomaly attacks or detection. Honeypot is a vibrant mechanism to divert attention of the unknown attackers and able to capture data to analyze the anomaly. Honeypots may not be so useful independently but along with an intrusion detection system; this mechanism works efficiently and provides tangible results. This research paper is focused on analyzing the multi-cloud environment, intrusion detection systems and the use of honeypots in the existing solutions to understand the possible configurations for effective results in making a sustainable, secure and scalable multi-cloud environment.