This dissertation was written as a part of the Msc in Cybersecurity at the International Hellenic Uni-
versity. During recent years, more and more organizations migrate their data and services to the
cloud environment. For this reason, cloud resources and infrastructure have become target for many
malicious actors. In this dissertation we will examine how Amazon Web Services features like Traf-
fic Mirroring, VPC, Load Balancing and Auto-scaling can be utilized, along with the Suricata Intru-
sion Detection Software, to create efficient and scalable monitoring solutions, in terms of security
and resource utilization. The implemented architecture and scaling policies will be tested by creat-
ing synthetic network traffic to simulate an attack. The current landscape of the cloud environment
and the the cloud deployment models are briefly discussed, as well as some security challenges that
this environment faces.
In the first chapter, the general cloud landscaped and the challenges it faces are discussed. There is a
brief mention of the types of cloud that exists and the key security concepts of the cloud environ-
ment are analyzed. Finally, it includes an overview of Intrusion Detection Systems (IDS) types.
In the second chapter, the services of Amazon Cloud that are used to create the secure and robust
application architecture are analyzed. Next, in the third chapter, we describe in detail all the compo-
nents and concepts of the created application. It contains the overview of the network architecture
setup, all the utilized software, as well as their detailed configuration. All the different stacks that
compose the application, the sub-networking and the network flows are explained.
The next chapter describes in detail the exact setup and methods that were used to test the imple-
mented application, the network packet crafting procedure, the scaling policies and the results of
these tests, and the related figures.
Finally, the last chapter, includes the conclusions drawn, concerning the security and scalability of
the implemented application, and also the drawbacks and challenges of this an approach and enu-
merates the pros and cons of utilizing Traffic Mirroring and Auto-scaling to create an efficient mon-
itoring solution for cloud resources.
Special thanks to Prof. Dimitrios Baltatzis for his guidance and advice as a supervisor in this disser-
tation.
Collections
Show Collections