Automated Defense Framework for Large-Scale Distributed Applications in Cloud Computing Environments – QC- 293

The advantages of cloud computing have been mainly used from a service perspective. It offers virtually unlimited resources in CPU, memory and bandwidth, under a service agreement scheme, in order to use those resources to provide a service. Operators leverage on this model to achieve economies of scale, by hosting as much customers as possible on that infrastructure. The objective of the Cloud Service Provider (CSP) is to keep those resources as busy as possible taking into account the preservation of Service Level Agreements (SLA) previously negotiated with the customers.
The detected gap is that cloud computing model can be also used for security. That is to say, it uses the flexibility, elasticity and low-cost provided by cloud computing to provide security services to customers. This project will develop a cloud computing based security service to deploy countermeasures when intrusions are detected in order to mitigate risks on cloud services and this way protects the business models of customers.
As an outcome, the services would have higher availability, be less prone to security threats and, have no associated costs regarding paying the consequences of data leaks and bad publicity, which represents losses for the enterprises and degrades their image.

Faculty Supervisor:

Nora Cuppens;Nora Cuppens-Boullahia

Student:

Partner:

Ericsson Canada Inc (Quebec)

Discipline:

Computer science

Sector:

Information and cultural industries; Professional, scientific and technical services

University:

Polytechnique Montréal

Program: