Abstract
In this paper we propose a comprehensive security architecture called VICTOR to deal with different types of attacks on virtual machines. Our model takes into account the specific characteristics of the operating system and applications running in each virtual machine (VM) at a fine-grained level to deal with the attacks. Our architecture has several components, such as entity validation, an intrusion detection engine and a dynamic analyzer. The entity validation component is used for detecting attack traffic with spoofed source addresses, for secure logging, and for capturing information about the operating system and applications running in the virtual machines. The intrusion detection engine component is used for detecting known attacks and suspicious behaviour by monitoring the incoming and outgoing traffic of virtual machines. The dynamic analyzer is used for detection and validation of suspicious processes, detection of zero-day attacks, and fine-grained isolation of the malicious process or application that is generating the attack traffic.
Original language | English |
---|---|
Title of host publication | Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management, IM 2011 |
Place of Publication | Los Alamitos, Calif. |
Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
Pages | 682-685 |
Number of pages | 4 |
ISBN (Print) | 9781424492213 |
Publication status | Published - 2011 |
Event | 12th IFIP/IEEE International Symposium on Integrated Network Management, IM 2011 - Dublin, Ireland. Duration: 23 May 2011 → 27 May 2011 |
Other
Other | 12th IFIP/IEEE International Symposium on Integrated Network Management, IM 2011 |
---|---|
Country/Territory | Ireland |
City | Dublin |
Period | 23/05/11 → 27/05/11 |