NvCloudIDS: A security architecture to detect intrusions at network and virtualization layer in cloud environment

Preeti Mishra, Emmanuel S. Pilli, Vijay Varadharajant, Udaya Tupakula

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

26 Citations (Scopus)

Abstract

Today we are living in the era of Cloud Computing where services are provisioned to users on demand and on a pay-per-use basis. On oneside, Cloud Computing has made things easier but it has also opened new doors for cyber attackers. In this paper, we propose an efficient security architecture named as NvCloudIDS to deal with intrusions at Network and Virtualization layer in Cloud Environment. NvCloudIDS performs the behavioral analysis of network traffic coming to or going from Cloud Networking Server (CNS) and provides first level of defense from intrusions at network level. It also performs Virtual Machine (VM) memory introspection and VM traffic analysis at hypervsior layer of Cloud Compute Server (CCoS) and provides second level of defense at virtualization level. The architecture of NvCloudIDS is primarily designed to improve the robustness and power of attack detection of IDS by leveraging Virtual Machine Introspection (VMI) and Machine learning techniques. The framework is validated with recent intrusion dataset (UNSW-NB) and malware binaries collected from research centers and the results seem to be promising.

Original languageEnglish
Title of host publication2016 International Conference on Advances in Computing, Communications and Informatics, ICACCI 2016
EditorsJinsong Wu, Gregorio Martinez Perez, Sabu M. Thampi, Mohammed Atiquzzaman, Stefano Berretti, Jeol J. C. P. Rodrigues, Raghuvir Tomar, Ravi Prakash Gorthi, Patrick Siarry, Al-Sakib Khan Pathan, Jie Li, Punam Bedi, Sameep Mehta, Mohamed Habib Kammoun, Vivek Jain
Place of PublicationPiscataway, NJ
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages56-62
Number of pages7
ISBN (Electronic)9781509020287
DOIs
Publication statusPublished - 2 Nov 2016
Event5th International Conference on Advances in Computing, Communications and Informatics, ICACCI 2016 - Jaipur, India
Duration: 21 Sept 201624 Sept 2016

Other

Other5th International Conference on Advances in Computing, Communications and Informatics, ICACCI 2016
Country/TerritoryIndia
CityJaipur
Period21/09/1624/09/16

Keywords

  • Cloud Security
  • Intrusion Detection
  • Network Intrusions
  • Virtual Memory Introspection (VMI)

Fingerprint

Dive into the research topics of 'NvCloudIDS: A security architecture to detect intrusions at network and virtualization layer in cloud environment'. Together they form a unique fingerprint.

Cite this