Virtual Machine-based Intrusion Detection System Framework in Cloud Computing Environment

Cloud computing an emerging approach by sharing infrastructure is an overwhelming trend. While in the process of cloud deployment, the security issues can not be underestimated. Traditional Intrusion Detection System (IDS) because of lower detection rate and higher false rate couldn't be suitable the cloud here. Extensibility is the main requirement for IDS framework of cloud environment in this paper as follows. First the cross-platform and strong isolation properties of virtualization have been fully reflected here, that is to say, an extensible VM-based multiple IDSs are deployed in each layer to monitor specific virtual component. Moreover, during the process, we also propose the cloud alliance concept by the communication agents exchanging the mutual alerts mainly to resist Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) the single point attack of failure. On this basis, we have the identity certification of the communication agents to improve the reliability of the alerts. Through the comparison of simulation results, the proposed system framework has a great advantage for monitoring VMs on the detection rate.