Network performance testing on VM based autonomous web server

As online services increasingly play vital roles in modern society, the possibilities and opportunities offered are limitless, unfortunately, so too are the risks and chances of malicious intrusions. Intrusion detection systems (IDSs) has been widely used as an important component in protecting online service towards Web attacks and evasions. Yet, today´s architectures for intrusion detection force the IDS designer to make a difficult choice to place IDS, so that it can protect itself from a direct attack. To address these challenges, this paper introduces a novel framework to safeguard IDS from a direct attack. Simply called zero administrative server (ZAS), the system incorporates IDS in a virtual machine (VM) environment. VM offers strong isolation for IDS from the monitored services and provides significant resistance to malicious attacks. Moreover, this VM based WWW server has the ability to monitor the network traffic to the running services; analyse the information obtained and detect the intrusion; alienate the intruder from the services; and reconstruct the corrupted data or damaged files caused by the evasion. In this paper, we demonstrate ZAS by exposing it to several attacking tools as well as to show the effects it takes on the network performance in terms of TCP throughput and application-to-application round trip time.