Abstract
A trusted virtual domain (TVD) enables grouping of related virtual machines running on separate physical machine into a single network domain with a unified security policy. Since the virtual machines can be running different operating systems and applications, the attacker can generate attacks in the TVD by exploiting a single vulnerability in any of the operating systems or applications. Our aim in this paper is to consider the design choices and develop an intrusion detection architecture that would enable efficient detection and prevention of different types of attacks in such a TVD based distributed environments. The proposed architecture can capture the knowledge of the operating systems and applications at fine granular level and isolate the malicious entities that are generating the attack traffic. Our model takes into account the security policies that are specific to the virtual machine as well as security policies of the trusted virtual domains to deal with the attacks efficiently.
| Original language | English |
|---|---|
| Title of host publication | Proceedings - IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2010 |
| Place of Publication | Piscataway, NJ |
| Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| Pages | 529-535 |
| Number of pages | 7 |
| ISBN (Print) | 9780769543222 |
| DOIs | |
| Publication status | Published - 2010 |
| Event | IEEE/IFIP 8th International Conference on Embedded and Ubiquitous Computing, EUC 2010 - Hong Kong, China Duration: 11 Dec 2010 → 13 Dec 2010 |
Other
| Other | IEEE/IFIP 8th International Conference on Embedded and Ubiquitous Computing, EUC 2010 |
|---|---|
| Country/Territory | China |
| City | Hong Kong |
| Period | 11/12/10 → 13/12/10 |