Title :
Autonomous agent based intrusion detection in virtual computing environment
Author :
Ohoussou, Alex K. ; Jin, Hai ; Zou, Deqing ; Zhao, Feng ; Xiang, Guofu ; Cheng, Ge
Author_Institution :
Cluster & Grid Comput. Lab., Huazhong Univ. of Sci. & Technol., Wuhan, China
Abstract :
One of the motivations for virtualization technology is the desire to develop new services to enhance system security without trusting both the applications and the operating systems. An intrusion detection system is an example of such service that can help to isolate users from malicious attacks. In this paper, we propose hybrid-based intrusion detection architecture in virtual computing environment to detect and isolate harmful behaviors by real-time monitoring and alarming. In contrast to monolithic intrusion detection system, we introduce autonomous agents, acting independently of each other, to monitor the system. The agents are deployed in virtual machines to analyze actions occurring on the network and inside the hosts to determine whether they are potential security violations or not. Our architecture is implemented based on Xen, and the detection management center is deployed in a secure virtual machine.
Keywords :
Autonomous agents; Correlators; Hardware; Intrusion detection; Isolation technology; Network servers; Operating systems; Protection; Virtual machining; Virtual manufacturing; autonomous agent; intrusion detection; virtual computing environment;
Conference_Titel :
Wireless Communications, Networking and Information Security (WCNIS), 2010 IEEE International Conference on
Conference_Location :
Beijing, China
Print_ISBN :
978-1-4244-5850-9
DOI :
10.1109/WCINS.2010.5541866
