Hypervisor-based cloud intrusion detection through online multivariate statistical change tracking

Cited by: 41

Authors
Aldribi, Abdulaziz [1]
Traore, Issa [2]
Moa, Belaid [2]
Nwamuo, Onyekachi [2]
Affiliations
[1] Qassim Univ, Dept Comp Engn, Buraydah, Saudi Arabia
[2] Univ Victoria, Dept Elect & Comp Engn, Victoria, BC, Canada
Keywords
Cloud computing; Cloud security monitoring; Hypervisor-based intrusion detection; Anomaly detection; Change detection; Multistage attacks; R-PACKAGE; ATTACKS; SYSTEM;
DOI
10.1016/j.cose.2019.101646
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
Cloud computing is facing a multidimensional and rapidly evolving threat landscape, making intrusion detection more challenging. This paper introduces a new hypervisor-based cloud intrusion detection system (IDS) that uses online multivariate statistical change analysis to detect anomalous network behaviors. As a departure from the conventional monolithic network IDS feature model, we leverage the fact that a hypervisor consists of a collection of instances, to introduce an instance-oriented feature model that exploits the individual and correlated behaviors of instances to improve the detection capability. The proposed approach is evaluated by collecting and using a new cloud intrusion dataset that includes a wide variety of attack vectors. (C) 2019 Elsevier Ltd. All rights reserved.
Pages: 21
Related papers
50 in total
  • [1] Hypervisor-based Cloud Intrusion Detection System
    Nikolai, Jason
    Wang, Yong
    2014 INTERNATIONAL CONFERENCE ON COMPUTING, NETWORKING AND COMMUNICATIONS (ICNC), 2014, : 989 - 993
  • [2] Design of Hypervisor-based Integrated Intrusion Detection System in Cloud Computing Environment
    Wang, Chih-Hung
    Chen, Xuan-Liang
    INTELLIGENT SYSTEMS AND APPLICATIONS (ICS 2014), 2015, 274 : 972 - 981
  • [3] Cloud security in the age of adaptive adversaries: A game theoretic approach to hypervisor-based intrusion detection
    Sadia
    Saadat, Ahsan
    Faheem, Yasir
    Abaid, Zainab
    Fraz, Muhammad Moazam
    Journal of Systems Architecture, 2024, 156
  • [4] Reinforcement Learning Driven Self-Adaptation in Hypervisor-Based Cloud Intrusion Detection Systems (RLDAC-IDS)
    Qaffas, Alaa A.
    INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2024, 15 (07) : 448 - 460
  • [5] Network and hypervisor-based attacks in cloud computing environments
    Montasari, Reza
    Macdonald, Stuart
    Hosseinian-Far, Amin
    Carroll, Fiona
    Daneshkhah, Alireza
    INTERNATIONAL JOURNAL OF ELECTRONIC SECURITY AND DIGITAL FORENSICS, 2021, 13 (06) : 630 - 651
  • [6] Laccolith: Hypervisor-Based Adversary Emulation with Anti-Detection
    Orbinato V.
    Feliciano M.C.
    Cotroneo D.
    Natella R.
    IEEE Transactions on Dependable and Secure Computing, 2024, 21 (06) : 1 - 13
  • [7] A Bayesian Game-Theoretic Intrusion Detection System for Hypervisor-Based Software Defined Networks in Smart Grids
    Niazi, Rumaisa Aimen
    Faheem, Yasir
    IEEE ACCESS, 2019, 7 : 88656 - 88672
  • [8] Block-Level Storage Caching for Hypervisor-Based Cloud Nodes
    Tak, Byungchul
    Tang, Chunqiang
    Chang, Rong N.
    Seo, Euiseong
    IEEE ACCESS, 2021, 9 : 88724 - 88736
  • [9] SHADuDT: Secure hypervisor-based anomaly detection using danger theory
    Azmi, Reza
    Pishgoo, Boshra
    COMPUTERS & SECURITY, 2013, 39 : 268 - 288
  • [10] TGVisor: A Tiny Hypervisor-Based Trusted Geolocation Framework for Mobile Cloud Clients
    Park, Sungjin
    Yoon, Jae Nam
    Kang, Cheoloh
    Kim, Kyong Hoon
    Han, Taisook
    2015 3RD IEEE INTERNATIONAL CONFERENCE ON MOBILE CLOUD COMPUTING, SERVICES, AND ENGINEERING (MOBILECLOUD 2015), 2015, : 99 - 108