AMAD: Resource Consumption Profile-Aware Attack Detection in IaaS Cloud

Author

Lazri, Kahina ; Laniepce, Sylvie ; Haiming Zheng ; Ben-Othman, Jalel

Author_Institution

Security Dept., Orange Labs., Caen, France

fYear

2014

fDate

8-11 Dec. 2014

Firstpage

379

Lastpage

386

Abstract

Cloud infrastructures are prone to various anomalies due to their ever-growing complexity and dynamics. Monitoring behavior of dynamic resource management systems is necessary to guarantee cloud reliability. In this paper, we present AMAD, a system designed for detecting an abusive use of dynamic virtual machine migration, in the case of the abusive virtual machine migration attack. This attack is performed by malicious manipulation of the amounts of resources consumed by Virtual Machines (VMs). AMAD identifies the VMs possibly at the origin of the attack by analyzing resource consumption profiles of the VMs to detect the fluctuating and highly correlated ones. We have implemented AMAD on top of the VMware ESXi platform and evaluated it both on our lab platform and under real cloud configurations. Our results show that AMAD pinpoints the attacking VMs which were intentionally injected in our experimentations, with high accuracy.

Keywords

cloud computing; resource allocation; security of data; virtual machines; AMAD system; IaaS cloud infrastructure; VM; VMware ESXi platform; cloud configuration; cloud reliability; dynamic resource management systems; dynamic virtual machine migration; infrastructure-as-a-service; resource consumption profile-aware attack detection; resource consumption profiles; virtual machines; Accuracy; Dynamic scheduling; Indexes; Measurement; Memory management; Resource management; Vectors; Anomaly detection; Dynamic resource management; Reliability; Security; VM migration; VM profiling;

fLanguage

English

Publisher

ieee

Conference_Titel

Utility and Cloud Computing (UCC), 2014 IEEE/ACM 7th International Conference on

Conference_Location

London

Type

conf

DOI

10.1109/UCC.2014.48

Filename

7027515