Abstract: Cloud security is one of most significant problems that have attracted plenty of analysis and development effort in past few years. Significantly, attackers will explore vulnerabilities of a cloud system and compromise virtual machines to deploy additional large-scale Distributed Denial-of-Service (DDoS). DDoS attacks typically involve early stage actions like multi-step exploitation, low frequency vulnerability scanning, and compromising known vulnerable virtual machines as zombies, and eventually DDoS attacks through the compromised zombies. Inside the cloud system, particularly the Infrastructure-as-a-Service (IaaS) clouds, the detection of zombie exploration attacks is very troublesome. This is often as a result of cloud users could install vulnerable applications on their virtual machines. to forestall vulnerable virtual machines from being compromised within the cloud, we have a tendency to propose a multi-phase distributed vulnerability detection, activity, and measure choice mechanism referred to as NICE, that is constructed on attack graph primarily based analytical models and reconfigurable virtual network-based countermeasures. The planned framework leverages Open Flow schedule genus Apis to create a monitor and management plane over distributed programmable virtual switches so as to considerably improve attack detection and mitigate attack consequences. The system and security evaluations demonstrate the potency and effectiveness of the planned resolution.

Keywords: Network security, cloud computing, intrusion detection, attack graph, zombie detection.