Title :
Efficient and effective NIDS for cloud virtualization environment
Author :
Chih-Hung Lin ; Chin-Wei Tien ; Hsing-Kuo Pao
Author_Institution :
CyberTrust Technol. Inst. Inst. for Inf. Ind., Taipei, Taiwan
Abstract :
While more and more digital application services move to the cloud virtualization environment, the network security challenges are equally striking. In general, these network attacks can be detected by deploying network intrusion detection systems (NIDSs) to the cloud platform. As clients in the cloud can create many virtual machines (VMs) to run their services privately, all detection rules are usually loaded into NIDSs to avoid any oversight, and cause damage to the performance of NIDS. This work presents a new architecture for building an efficient NIDS to the cloud virtualization environment. By resolving the virtual system information from operating systems´ kernel map in hypervisor layer, the services in the cloud can be identified exactly and the required detection rules can be adopted dynamically. The experiment results show that the proposed NIDS is efficient and effective.
Keywords :
cloud computing; computer network performance evaluation; computer network security; operating system kernels; virtual machines; virtualisation; NIDS performance degradation; VM; cloud platform; cloud virtualization environment; detection rules; digital application services; hypervisor layer; network attack detection; network intrusion detection system; network security; operating system kernel map; virtual machines; virtual system information; Cloud computing; Data structures; Kernel; Linux; Virtual machine monitors; Virtualization; Cloud computing; Network intrusion detection system; Virtualization;
Conference_Titel :
Cloud Computing Technology and Science (CloudCom), 2012 IEEE 4th International Conference on
Conference_Location :
Taipei
Print_ISBN :
978-1-4673-4511-8
Electronic_ISBN :
978-1-4673-4509-5
DOI :
10.1109/CloudCom.2012.6427583
