• DocumentCode
    3193677
  • Title

    Efficient and effective NIDS for cloud virtualization environment

  • Author

    Chih-Hung Lin ; Chin-Wei Tien ; Hsing-Kuo Pao

  • Author_Institution
    CyberTrust Technol. Inst. Inst. for Inf. Ind., Taipei, Taiwan
  • fYear
    2012
  • fDate
    3-6 Dec. 2012
  • Firstpage
    249
  • Lastpage
    254
  • Abstract
    While more and more digital application services move to the cloud virtualization environment, the network security challenges are equally striking. In general, these network attacks can be detected by deploying network intrusion detection systems (NIDSs) to the cloud platform. As clients in the cloud can create many virtual machines (VMs) to run their services privately, all detection rules are usually loaded into NIDSs to avoid any oversight, and cause damage to the performance of NIDS. This work presents a new architecture for building an efficient NIDS to the cloud virtualization environment. By resolving the virtual system information from operating systems´ kernel map in hypervisor layer, the services in the cloud can be identified exactly and the required detection rules can be adopted dynamically. The experiment results show that the proposed NIDS is efficient and effective.
  • Keywords
    cloud computing; computer network performance evaluation; computer network security; operating system kernels; virtual machines; virtualisation; NIDS performance degradation; VM; cloud platform; cloud virtualization environment; detection rules; digital application services; hypervisor layer; network attack detection; network intrusion detection system; network security; operating system kernel map; virtual machines; virtual system information; Cloud computing; Data structures; Kernel; Linux; Virtual machine monitors; Virtualization; Cloud computing; Network intrusion detection system; Virtualization;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Cloud Computing Technology and Science (CloudCom), 2012 IEEE 4th International Conference on
  • Conference_Location
    Taipei
  • Print_ISBN
    978-1-4673-4511-8
  • Electronic_ISBN
    978-1-4673-4509-5
  • Type

    conf

  • DOI
    10.1109/CloudCom.2012.6427583
  • Filename
    6427583