Improving Hypervisor-Based Intrusion Detection in IaaS Cloud for Securing Virtual Machines  
  Authors : Shabnam Kazemi; Vahe Aghazarian; Alireza Hedayati


Cloud computing is a computer model that tries to facilitate the users’ access based on their request for the information and computing sources. In recent years, making the cloud against the attacks has become significantly important. One of the security methods is the use of intrusion detection systems. In these systems, when a suspicious event that represents an abuse occurs, warning are made to inform the production system managers. Source sharing is the most important part in cloud computing. Therefore, nowadays, cloud providers use the virtualization technology to share the sources, which is available in two levels including virtual machine and hypervisor. In the infrastructure, the cloud virtual machines are shared with other organizations virtual machines as the service. In this paper, it is tried to use the virtualization properties in the hypervisor level and improve the IDS in the infrastructure layer of cloud computing. In fact, genetic algorithm is used to improve IDS.


Published In : IJCAT Journal Volume 2, Issue 9

Date of Publication : September 2015

Pages : 334 - 340

Figures :05

Tables : 02

Publication Link :Improving Hypervisor-Based Intrusion Detection in IaaS Cloud for Securing Virtual Machines




Shabnam Kazemi : received the MSc degree in computer engineering from Azad University, International Branch, Kish, IRAN, in 2015. His current research interests are in the areas of communication and networking, and Information Technology.

Vahe Aghazarian : received the MSc and Ph.D. degrees in computer engineering from Azad University, Sciences and Research Branch, Tehran, IRAN, in 2002, and 2007. He obtained the top student awards in MSc and Ph.D. courses. He is currently an assistant professor in the Department of Computer Science, Azad University, Central Branch, Tehran, IRAN. In 2008, Dr. Vahe Aghazarian won top researcher award in Azad University, Central Tehran Branch. His current research interests are in the areas of communication and networking, Internet QoS, Microprocessors, and Information Technology.

Alireza Hedayati : Completed his B.S., M.S. and Ph.D., studies in Computer Engineering in Iran, dated 2000, 2004, and 2011, respectively. He joined the Faculty of Computer Engineering Department at Islamic Azad University (Central Tehran Branch) in 2005. His research interests include Mobile value added services, Next generation networks, Network Management.








Cloud Computing

Intrusion Detection System


Genetic Algorithm

Hypervisor-Based Intrusion

Cloud intrusion detection datasets are able to detect cloud attacks. Cloud based IDS were able to detect 94% of Random sets of cloud attacks. By adding background traffic retrieved from darpa, IDS was able to detect the same percentage of attacks and no false positive alarm is raised while filtering background traffic.










[1] S. INSTITUTE, "Understanding Intrusion Detection System," SANS INTITUTE INFO SECTION READING ROOM, 2001. [2] A. Zarrabi, "Internet Intrusion Detection System Service in a Cloud," IJCSI International Journal of Computer Science, 2012, vol. 9, no. 5. [3] C. Lawrence, "Intrusion Prevention Systems: The Future of Intrusion Detection," in Intrusion Prevention Systems: The Future of Intrusion Detection, Auckland, 2004. [4] Office of Privacy Commissioner Of CANADA, "," Introduction to Cloud Computing. [Online]. (accessed in Nov 18, 2014) [5] M. Boniface, B. Nasser, J. Papay and S. C. Phillips, "Platform-as-a-Service Architecture for Real-Time Quality of Service Management in Clouds," in Internet and Web Applications and Services (ICIW), 2010 Fifth International Conference on, Barcelona. [6] A. Ziarati, ""A multilevel evolutionary algorithm for optimizing nu-merical functions"," IJIEC, 2011, vol. 2. [7] Hisham A. Kholidy, Fabrizio Baiardi. A cloud intrusion detection dataset for cloud computing and masquerade attacks, new generations, in proc. Ninth International Conference on Information Technology- New Generations, 2012, pp. 397-402. [8] A.bakshi, and B.Yogesh. Securing Cloud from DDOS Attacks Using Intrusion Detection System in Virtual Machine, in proc. Second International Conference on Communication Software and Networks, 2010, pp. 260- 264. [9] H. Li, and D. Liu. Research on Intelligent Intrusion Prevention System Based on Snort, in proc. International Conference on Computer, Mechatronics, Control and Electronic Engineering (CMCE), 2010 ,vol. 1, pp. 251-253. [10] DARPA: , MIT Lincoln Laboratory, DARPA datasets, MIT,USA, ora/ideval/data/index.html (accessed in August 29, 2014). [11] (2010), Symantec [online], Available : false-positives-false-negativesnids.