DocumentCode
2099827
Title
Cloud Security Auditing Based on Behavioral Modeling
Author
Birnbaum, Zachary ; Bingwei Liu ; Dolgikh, Andrey ; Yu Chen ; Skormin, Victor
Author_Institution
Dept. of Electr. & Comput. Eng., Binghamton Univ., Binghamton, NY, USA
fYear
2013
fDate
June 28 2013-July 3 2013
Firstpage
268
Lastpage
273
Abstract
Multi-tenancy is one of the most attractive features of cloud computing, which provides significant benefits to both clients and service providers by supporting elastic, efficient, and on-demand resource provisioning and allocation. However, this architecture also introduces additional security implications. Client Virtual Machine (VM) instances running on the same physical machine are susceptible to side-channel and escape-to-hypervisor attacks. The timely prevention of intrusive behavior and malicious processes using signature based intrusion detection technologies, or system call level anomaly analysis is a very challenging task due to a high rate of false alarms. In this work, a behavioral modeling scheme is proposed to audit the behaviors of client VMs and to detect suspicious processes on the highest semantic level. Our preliminary results have validated the effectiveness and efficiency of this novel approach.
Keywords
auditing; client-server systems; cloud computing; resource allocation; security of data; virtual machines; behavioral modeling scheme; client VM behavior auditing; client VM instances; client virtual machine instances; cloud computing; cloud security auditing; elastic efficient on-demand resource provisioning; escape-to-hypervisor attack; false alarm rate; malicious process prevention; multitenancy; physical machine; resource allocation; security implication; service providers; side-channel attack; signature based intrusion detection technology; suspicious process detection; system call level anomaly analysis; timely intrusive behavior prevention; Computational modeling; Hardware; Monitoring; Security; Servers; Software; Virtual machine monitors; Behavioral Modeling; Cloud Security Auditing (CSA); Multi-Tenancy; Suspicious Process Detection;
fLanguage
English
Publisher
ieee
Conference_Titel
Services (SERVICES), 2013 IEEE Ninth World Congress on
Conference_Location
Santa Clara, CA
Print_ISBN
978-0-7695-5024-4
Type
conf
DOI
10.1109/SERVICES.2013.81
Filename
6655708
Link To Document