NvCloudIDS: A security architecture to detect intrusions at network and virtualization layer in cloud environment

Mishra, Preeti; Pilli, Emmanuel Shubhakar; Varadharajant, Vijay; Tupakula, Udaya

doi:10.1109/ICACCI.2016.7732025

Author(s)

Mishra, Preeti

Pilli, Emmanuel Shubhakar

Varadharajant, Vijay

Tupakula, Udaya

Publication Date

2016-11-03

Abstract

<p>Today we are living in the era of Cloud Computing where services are provisioned to users on demand and on a pay-per-use basis. On oneside, Cloud Computing has made things easier but it has also opened new doors for cyber attackers. In this paper, we propose an efficient security architecture named as NvCloudIDS to deal with intrusions at Network and Virtualization layer in Cloud Environment. NvCloudIDS performs the behavioral analysis of network traffic coming to or going from Cloud Networking Server (CNS) and provides first level of defense from intrusions at network level. It also performs Virtual Machine (VM) memory introspection and VM traffic analysis at hypervsior layer of Cloud Compute Server (CCoS) and provides second level of defense at virtualization level. The architecture of NvCloudIDS is primarily designed to improve the robustness and power of attack detection of IDS by leveraging Virtual Machine Introspection (VMI) and Machine learning techniques. The framework is validated with recent intrusion dataset (UNSW-NB) and malware binaries collected from research centers and the results seem to be promising.</p>

Citation

2016 International conference on advances in computing, communications and informatics (), p. 56-62

ISBN

9781509020294

9781509020300

9781509020287

Link

https://hdl.handle.net/1959.11/57288

Language

en

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Title

NvCloudIDS: A security architecture to detect intrusions at network and virtualization layer in cloud environment

Type of document

Conference Publication

Entity Type

Publication

Author(s)	Mishra, Preeti Pilli, Emmanuel Shubhakar Varadharajant, Vijay Tupakula, Udaya
Publication Date	2016-11-03
Abstract	<p>Today we are living in the era of Cloud Computing where services are provisioned to users on demand and on a pay-per-use basis. On oneside, Cloud Computing has made things easier but it has also opened new doors for cyber attackers. In this paper, we propose an efficient security architecture named as NvCloudIDS to deal with intrusions at Network and Virtualization layer in Cloud Environment. NvCloudIDS performs the behavioral analysis of network traffic coming to or going from Cloud Networking Server (CNS) and provides first level of defense from intrusions at network level. It also performs Virtual Machine (VM) memory introspection and VM traffic analysis at hypervsior layer of Cloud Compute Server (CCoS) and provides second level of defense at virtualization level. The architecture of NvCloudIDS is primarily designed to improve the robustness and power of attack detection of IDS by leveraging Virtual Machine Introspection (VMI) and Machine learning techniques. The framework is validated with recent intrusion dataset (UNSW-NB) and malware binaries collected from research centers and the results seem to be promising.</p>
Citation	2016 International conference on advances in computing, communications and informatics (), p. 56-62
ISBN	9781509020294 9781509020300 9781509020287
Link	https://hdl.handle.net/1959.11/57288
Language	en
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Title	NvCloudIDS: A security architecture to detect intrusions at network and virtualization layer in cloud environment
Type of document	Conference Publication
Entity Type	Publication

NvCloudIDS: A security architecture to detect intrusions at network and virtualization layer in cloud environment

Files: