Title :
Network anomaly detection in the cloud: The challenges of virtual service migration
Author :
Adamova, Kirila ; Schatzmann, Dominik ; Plattner, Bernhard ; Smith, Paul
Author_Institution :
ETH Zurich, Zürich, Switzerland
Abstract :
The use of virtualisation technology in the cloud enables services to migrate within and across geographically diverse data centres, e.g., to enable load balancing and fault tolerance. An important part of securing cloud services is being able to detect anomalous behaviour, caused by attacks, that is evident in network traffic. However, it is not clear whether virtual service migration adversely affects the performance of contemporary network-based anomaly detection approaches. In this paper, we explore this issue, and show that wide-area virtual service migration can adversely affect state of the art approaches to network flow-based anomaly detection techniques, potentially rendering them unusable.
Keywords :
cloud computing; computer centres; security of data; virtualisation; anomalous behaviour detection; cloud service security; contemporary network-based anomaly detection approach; data centres; network flow-based anomaly detection techniques; network traffic; virtualisation technology; wide-area virtual service migration; Computer crime; Entropy; Feature extraction; IP networks; Ports (Computers); Principal component analysis; Time series analysis;
Conference_Titel :
Communications (ICC), 2014 IEEE International Conference on
Conference_Location :
Sydney, NSW
DOI :
10.1109/ICC.2014.6883908
