Securing virtual machines from anomalies using program-behavior analysis in cloud environment

Preeti Mishra, Emmanuel S. Pilli, Vijay Varadharajan, Udaya Tupakula

Research output: Chapter in Book/Report/Conference proceeding › Conference proceeding contribution

11 Citations (Scopus)

Abstract

Cloud computing is the key technology of today's cyber world, providing online provisioning of resources on an on-demand, pay-per-use basis. Malware attacks such as viruses, worms and rootkits are some of the threats to virtual machines (VMs) in a cloud environment. In this paper, we present a system call analysis approach to detect malware attacks which maliciously affect the legitimate programs running in VMs and modify their behavior. Our approach, named 'Malicious System Call Sequence Detection (MSCSD)', is based on the analysis of short sequences of system calls (n-grams). MSCSD employs an efficient feature representation method for system call patterns to improve the accuracy of attack detection and reduce the cost of storage, with reduced false positives. MSCSD applies machine learning (Decision Tree C4.5) over the collected n-gram patterns to learn the behavior of monitored programs and to detect malicious system call patterns in future. We have analyzed the performance of some other classifiers and compared our work with existing work on securing virtual machines in the cloud. A prototype implementation of the approach is carried out over the UNM dataset, and the results seem to be promising.

Original language: English
Title of host publication: HPCC/SmartCity/DSS 2016
Subtitle of host publication: Proceedings of the Eighteenth IEEE International Conference on High Performance Computing and Communications, the Fourteenth IEEE International Conference on Smart City, the Second IEEE International Conference on Data Science and Systems
Editors: Jinjun Chen, Laurence T. Yang
Place of Publication: Piscataway, NJ
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Pages: 991-998
Number of pages: 8
ISBN (Electronic): 9781509042975
ISBN (Print): 9781509042982
DOIs: https://doi.org/10.1109/HPCC-SmartCity-DSS.2016.0141
Publication status: Published - 2016
Event: 18th IEEE International Conference on High Performance Computing and Communications, 14th IEEE International Conference on Smart City and 2nd IEEE International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2016 - Sydney, Australia
Duration: 12 Dec 2016 to 14 Dec 2016

Other

Other: 18th IEEE International Conference on High Performance Computing and Communications, 14th IEEE International Conference on Smart City and 2nd IEEE International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2016
Country: Australia
City: Sydney
Period: 12/12/16 to 14/12/16

Keywords

  • Anomaly detection
  • Cloud security
  • Intrusion detection
  • Machine learning
  • System call analysis

  • Cite this

    Mishra, P., Pilli, E. S., Varadharajan, V., & Tupakula, U. (2016). Securing virtual machines from anomalies using program-behavior analysis in cloud environment. In J. Chen, & L. T. Yang (Eds.), HPCC/SmartCity/DSS 2016: Proceedings of the Eighteenth IEEE International Conference on High Performance Computing and Communications, the Fourteenth IEEE International Conference on Smart City, the Second IEEE International Conference on Data Science and Systems (pp. 991-998). Piscataway, NJ: Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/HPCC-SmartCity-DSS.2016.0141