Creating Secure Application in Amazon Web Services with Traffic Mirroring and Suricata Intrusion Detection System

Creating Secure Application in Amazon Web Services with Traffic Mirroring and Suricata Intrusion Detection System (EN)

Koritsas, Ilias (EN)

Baltatzis, Dimitrios (EL)

Serketzis, Nikolaos (EN)

masterThesis

2022-11-10T08:01:31Z

2022-02

2022-11-10

This dissertation was written as a part of the Msc in Cybersecurity at the International Hellenic Uni- versity. During recent years, more and more organizations migrate their data and services to the cloud environment. For this reason, cloud resources and infrastructure have become target for many malicious actors. In this dissertation we will examine how Amazon Web Services features like Traf- fic Mirroring, VPC, Load Balancing and Auto-scaling can be utilized, along with the Suricata Intru- sion Detection Software, to create efficient and scalable monitoring solutions, in terms of security and resource utilization. The implemented architecture and scaling policies will be tested by creat- ing synthetic network traffic to simulate an attack. The current landscape of the cloud environment and the the cloud deployment models are briefly discussed, as well as some security challenges that this environment faces. In the first chapter, the general cloud landscaped and the challenges it faces are discussed. There is a brief mention of the types of cloud that exists and the key security concepts of the cloud environ- ment are analyzed. Finally, it includes an overview of Intrusion Detection Systems (IDS) types. In the second chapter, the services of Amazon Cloud that are used to create the secure and robust application architecture are analyzed. Next, in the third chapter, we describe in detail all the compo- nents and concepts of the created application. It contains the overview of the network architecture setup, all the utilized software, as well as their detailed configuration. All the different stacks that compose the application, the sub-networking and the network flows are explained. The next chapter describes in detail the exact setup and methods that were used to test the imple- mented application, the network packet crafting procedure, the scaling policies and the results of these tests, and the related figures. Finally, the last chapter, includes the conclusions drawn, concerning the security and scalability of the implemented application, and also the drawbacks and challenges of this an approach and enu- merates the pros and cons of utilizing Traffic Mirroring and Auto-scaling to create an efficient mon- itoring solution for cloud resources. Special thanks to Prof. Dimitrios Baltatzis for his guidance and advice as a supervisor in this disser- tation. (EN)

Amazon Web Services (EN)

Traffic Mirroring (EN)

Suricata Intrusion Detection System (EN)

Secure Application (EN)

Αγγλική γλώσσα

School of Science and Technology, MSc in Cybersecurity

School of Science and Technology, Master of Science (MSc) in Cybersecurity (EN)

Default License

International Hellenic University

Institutional Repository of the International Hellenic University

University Center of International Programmes of Studies (UCIPS)

Master Theses