Cloud computing is a computing model that aims to give users
on-request access to information and computing resources. In
recent years, securing the cloud against attacks has become
significantly important. One security method is the use of
intrusion detection systems (IDS). In these systems, when a
suspicious event that represents abuse occurs, warnings are
raised to inform the production system managers. Resource
sharing is the most important part of cloud computing.
Therefore, cloud providers now use virtualization technology to
share resources, which is available at two levels: the virtual
machine and the hypervisor. In the infrastructure layer, an
organization's cloud virtual machines are shared alongside other
organizations' virtual machines as a service. This paper attempts
to use the virtualization properties at the hypervisor level to
improve the IDS in the infrastructure layer of cloud computing.
Specifically, a genetic algorithm is used to improve the IDS.
Published In: IJCAT Journal Volume 2, Issue 9
Date of Publication: September 2015
Pages: 334 - 340
Figures: 05
Tables: 02
Publication Link: Improving Hypervisor-Based Intrusion Detection in IaaS Cloud for Securing Virtual Machines
Shabnam Kazemi: received the MSc degree in computer engineering
from Azad University, International Branch, Kish, Iran, in 2015.
His current research interests are in the areas of communication
and networking, and Information Technology.
Vahe Aghazarian: received the MSc and Ph.D. degrees in computer
engineering from Azad University, Sciences and Research Branch,
Tehran, Iran, in 2002 and 2007. He obtained the top student
awards in the MSc and Ph.D. courses. He is currently an assistant
professor in the Department of Computer Science, Azad University,
Central Branch, Tehran, Iran. In 2008, Dr. Vahe Aghazarian won
the top researcher award at Azad University, Central Tehran
Branch. His current research interests are in the areas of
communication and networking, Internet QoS, Microprocessors, and
Information Technology.
Alireza Hedayati: completed his B.S., M.S. and Ph.D. studies in
Computer Engineering in Iran in 2000, 2004, and 2011,
respectively. He joined the Faculty of the Computer Engineering
Department at Islamic Azad University (Central Tehran Branch) in
2005. His research interests include Mobile value added services,
Next generation networks, and Network Management.
Cloud Computing
Intrusion Detection System
Virtualization
Genetic Algorithm
Hypervisor-Based
Intrusion
Cloud intrusion detection datasets are able to detect cloud
attacks. The cloud-based IDS was able to detect 94% of
random sets of cloud attacks. After adding background
traffic retrieved from DARPA, the IDS was able to detect the
same percentage of attacks, and no false positive alarm was
raised while filtering background traffic.