Title :
Cloud Resource Monitoring for Intrusion Detection
Author :
Sijin He ; Ghanem, M. ; Li Guo ; Yike Guo
Author_Institution :
Dept. of Comput., Imperial Coll. London, London, UK
Abstract :
We present a novel security monitoring framework for intrusion detection in IaaS cloud infrastructures. The framework uses statistical anomaly detection techniques over data monitored both inside and outside each Virtual Machine instance. We present the architecture of our monitoring framework and describe the implementation of the real-time monitors and detectors. We also describe how the framework is used in three different attack scenarios. For each of the three attack scenarios, we describe how the attack itself works and how it could be detected. We describe what data is monitored in our framework and how the detection is conducted using anomaly detection methods. We also present evaluation of the detection using synthetic and real data sets. Our experimental evaluation across all three scenarios shows that our tools perform well in practical situations and provide a promising direction for future research.
Keywords :
cloud computing; security of data; statistical analysis; IaaS cloud infrastructure; cloud resource monitoring; intrusion detection; security monitoring; statistical anomaly detection; virtual machine; Accuracy; Cloud computing; Conferences; Databases; Educational institutions; Integrated circuits; Monitoring; Anomaly Detection; Cloud Computing; Security;
Conference_Titel :
Cloud Computing Technology and Science (CloudCom), 2013 IEEE 5th International Conference on
Conference_Location :
Bristol
DOI :
10.1109/CloudCom.2013.148
