© 2021 JETIR June 2021, Volume 8, Issue 6 www.jetir.org (ISSN-2349-5162) JETIR2106320 Journal of Emerging Technologies and Innovative Research (JETIR) www.jetir.org c345 Attack Monitoring and Protection in Cloud Computing Environment through IDS Dhara Shah School of Information Technology, Artificial Intelligence and Cyber Security Rashtriya Raksha University, Gandhinagar, Gujarat, India. dharaa.shah9@gmail.com Dharati Dholariya School of Information Technology, Artificial Intelligence and Cyber Security Rashtriya Raksha University, Gandhinagar, Gujarat, India. dharati.dholariya@rru.ac.in Chandresh Parekh School of Information Technology, Artificial Intelligence and Cyber Security Rashtriya Raksha University, Gandhinagar, Gujarat, India. Chandresh.parekh@rru.ac.in Cloud computing has now established itself as a significant computing model and processing method in almost all industries. The use of cloud computing is widespread in today's world. Cloud computing is becoming a part of every IT company controlled by a third party or cloud service provider. Private cloud that's been set up for a single company with two users. It is the employer's responsibility to use own offerings or those of a third party. due to its more versatile, secure, and PAYG (Pay-as-you-go) Because the cloud's design is totally dispersed and open, there are services, and the privacy and protection of the cloud is a major concern. In addition, the cloud is open and available. The next move is to enforce the snort intrusion detection system in the cloud environment, as well as new policies within snort, in order to improve the level of protection within the cloud environment, and to examine the snort log report to ensure that the message in the log record is properly alerted. As a result, the administrator may make similar security choices in the event of an attack. Next step is enforcing snort intrusion detection system in cloud environment and new policies within the snort to improving the extent of security within the cloud environment and studying the snort log report, to see that it nicely alert the message in log record. So that administrator can take similarly protection selections associated with attacks. Keywords: Cloud security, Intrusion detection system, Snort, Cloud attacks, Intrusion. I. INTRODUCTION Cloud computing gives you full access to a shared team of powerful, convenient, on-demand adaptable computer resources (storage, network, offer packages, as well as servers, among other things) that can be swiftly established and started with little effort or service provider contact. Infrastructure as a service (IaaS), in which the host administers the entire digital machine, as well as Eucalyptus and Open Nebula, are among the services it provides greater opportunities for intrusion attacks in the cloud computing environment. As a result, the cloud environment's security is jeopardised. These cloud intrusion attacks also pose a threat to cloud users, which might include individuals like us as well as small and large businesses. According to IDG Enterprise's 2013 Cloud Computing survey, the risk in a cloud environment is higher, and cloud security is a big concern, making it harder for businesses and organisations to adopt the cloud computing paradigm. Furthermore, there is no on-premise solution that can protect a business from all forms of network-based threats. The most common network-based attacks that affect cloud security at the network layer include Address Resolution Protocol (ARP) spoofing, IP spoofing, DNS poisoning, port scanning, man-in-the- middle attacks, Routing Information Protocol (RIP) attacks, Denial of Service (DoS), and Distributed Denial of Service (DDoS) attacks. Organizations have tried standard network security measures in the past, such as firewalls and network security technologies, but these only help to stop outsider attacks. These tools are not intended for attacks that occur within the network, such as DoS and DDoS. As a result, the Intrusion Detection System is utilised. It is crucial in preventing intrusion attacks. The intrusion detection system (IDS) is used to detect both known and new attacks on systems, as well as to provide an additional security layer to prevent intrusion attempts. The term "intrusion" in the Intrusion Detection System refers to a breach of the "CIA Triad," which stands for Confidentiality, to its customers. Platform as a Service (PaaS), which enables Integrity, and Availability. When attackers strive to gain customers to set up consumer-created packages in the cloud if the provider assists with languages, APIs, and other technical aspects. Google App Engine and Microsoft Azure are examples of platforms and devices that can be utilised to develop apps. Customers can also use the software to operate provider packages with Google apps as a service (SASS). These services are available via the internet. The cloud can be sorted in four different ways: The infrastructure of a public cloud is designed to be accessible to the general public via an internet connection and unofficial access to cloud sources, and legitimate users do not use or misuse their permissions effectively, the system is vulnerable to incursions. Intrusion Detection Systems are used to keep track of what's going on in a network or system, analyse what's going on, and alert the user through alarm if an intrusion attack occurs. The Intrusion Detection System (IDS) can be software, hardware, or a mixture of both, but the basic function of the IDS stays the same regardless of whether it is software or hardware. It detects malicious behaviours in the network or system and sends