DocumentCode
3193677
Title
Efficient and effective NIDS for cloud virtualization environment
Author
Chih-Hung Lin ; Chin-Wei Tien ; Hsing-Kuo Pao
Author_Institution
CyberTrust Technol. Inst. Inst. for Inf. Ind., Taipei, Taiwan
fYear
2012
fDate
3-6 Dec. 2012
Firstpage
249
Lastpage
254
Abstract
While more and more digital application services move to the cloud virtualization environment, the network security challenges are equally striking. In general, these network attacks can be detected by deploying network intrusion detection systems (NIDSs) to the cloud platform. As clients in the cloud can create many virtual machines (VMs) to run their services privately, all detection rules are usually loaded into NIDSs to avoid any oversight, and cause damage to the performance of NIDS. This work presents a new architecture for building an efficient NIDS to the cloud virtualization environment. By resolving the virtual system information from operating systems´ kernel map in hypervisor layer, the services in the cloud can be identified exactly and the required detection rules can be adopted dynamically. The experiment results show that the proposed NIDS is efficient and effective.
Keywords
cloud computing; computer network performance evaluation; computer network security; operating system kernels; virtual machines; virtualisation; NIDS performance degradation; VM; cloud platform; cloud virtualization environment; detection rules; digital application services; hypervisor layer; network attack detection; network intrusion detection system; network security; operating system kernel map; virtual machines; virtual system information; Cloud computing; Data structures; Kernel; Linux; Virtual machine monitors; Virtualization; Cloud computing; Network intrusion detection system; Virtualization;
fLanguage
English
Publisher
ieee
Conference_Titel
Cloud Computing Technology and Science (CloudCom), 2012 IEEE 4th International Conference on
Conference_Location
Taipei
Print_ISBN
978-1-4673-4511-8
Electronic_ISBN
978-1-4673-4509-5
Type
conf
DOI
10.1109/CloudCom.2012.6427583
Filename
6427583
Link To Document