| Cloud computing has become the hottest topic in the technology world, and its main objective is to provide its clients with cloud services anywhere at any time. There are many threats that threaten cloud security and its availability, but the most common one is DOS attacks that target to bring down the cloud resources making them unreachable. We study in this thesis two DOS intrusion detection systems: one system uses covariance matrix approach to detect flooding based DOS attacks, and the other one is Snort which is a very popular open-source intrusion detection system. We implement them in cloud and then assess their performance of DOS attacks detection according to three performance factors (false positives, false negatives, and ability to detect different DOS attacks). Based on that performance analysis, our study concludes that both systems suffer from false positive and false negative errors, but Snort IDS demonstrates better performance than the covariance matrix model since it can detect different types of DOS attacks in which the other model cannot, and that is considered a significant feature in network security. |
