Today, on-demand is the buzzword in the IT sector and the latest in that space is the concept of the cloud. The cloud, essentially, is a way of provisioning of computational resources like data, software, etc, via a computer network, rather than from a local computer. Cloud computing makes extensive use of computer networks and existing network topologies for efficient Internet based service provision. Hence, computer networks is the backbone for Cloud computing. Each technology or software may have some bugs or vulnerabilities, which make them an easy target for attackers to get into the system. Without a suitable security mechanism, Cloud users and provider may not be able to ensure that the service is thoroughly secure which may, in turn, affect the users trust on the provider. In order to secure these transactions from intruders, network must be made secure and reliable and also it should be safeguarded from intrusion attempts.
There are two approaches to network security in cloud: signature based and anomaly based. Signature based intrusion detection systems monitor network traffic and matches it with the dataset of predefined attack patterns to detect the attacks. However, signature-based technique fails to detect the unknown or new attacks whose signatures are not defined so far or are not included into the dataset of signatures. The anomaly-based technique is another technique to detect intrusion which can solve the problem of detecting unknown attacks. It defines the general pattern of usage and detects any event that deviates from this pattern as an attack. The limitation of this technique is a large number of false positives.
In this project, we attempt to design network intrusion detection system based on both signatures as well as anomaly based approaches. Also, attempt has been made to improve the performance