Hypervisor-based cloud intrusion detection through online multivariate statistical change tracking

Cited by: 49
Authors
Aldribi, Abdulaziz [1]
Traore, Issa [2]
Moa, Belaid [2]
Nwamuo, Onyekachi [2]
Affiliations
[1] Qassim Univ, Dept Comp Engn, Buraydah, Saudi Arabia
[2] Univ Victoria, Dept Elect & Comp Engn, Victoria, BC, Canada
Keywords
Cloud computing; Cloud security monitoring; Hypervisor-based intrusion detection; Anomaly detection; Change detection; Multistage attacks; R-PACKAGE; ATTACKS; SYSTEM;
DOI
10.1016/j.cose.2019.101646
Chinese Library Classification
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
Cloud computing is facing a multidimensional and rapidly evolving threat landscape, making intrusion detection more challenging. This paper introduces a new hypervisor-based cloud intrusion detection system (IDS) that uses online multivariate statistical change analysis to detect anomalous network behaviors. As a departure from the conventional monolithic network IDS feature model, we leverage the fact that a hypervisor consists of a collection of instances, to introduce an instance-oriented feature model that exploits the individual and correlated behaviors of instances to improve the detection capability. The proposed approach is evaluated by collecting and using a new cloud intrusion dataset that includes a wide variety of attack vectors. (C) 2019 Elsevier Ltd. All rights reserved.
Pages: 21