Cloud Resource Monitoring for Intrusion Detection

Author

Sijin He ; Ghanem, M. ; Li Guo ; Yike Guo

Author_Institution

Dept. of Comput., Imperial Coll. London, London, UK

Volume

2

fYear

2013

fDate

2-5 Dec. 2013

Firstpage

281

Lastpage

284

Abstract

We present a novel security monitoring framework for intrusion detection in IaaS cloud infrastructures. The framework uses statistical anomaly detection techniques over data monitored both inside and outside each Virtual Machine instance. We present the architecture of our monitoring framework and describe the implementation of the real-time monitors and detectors. We also describe how the framework is used in three different attack scenarios. For each of the three attack scenarios, we describe how the attack itself works and how it could be detected. We describe what data is monitored in our framework and how the detection is conducted using anomaly detection methods. We also present evaluation of the detection using synthetic and real data sets. Our experimental evaluation across all three scenarios shows that our tools perform well in practical situations and provide a promising direction for future research.

Keywords

cloud computing; security of data; statistical analysis; IaaS cloud infrastructure; cloud resource monitoring; intrusion detection; security monitoring; statistical anomaly detection; virtual machine; Accuracy; Cloud computing; Conferences; Databases; Educational institutions; Integrated circuits; Monitoring; Anomaly Detection; Cloud Computing; Security;

fLanguage

English

Publisher

ieee

Conference_Titel

Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on

Conference_Location

Bristol

Type

conf

DOI

10.1109/CloudCom.2013.148

Filename

6735436