An Automatic Intrusion Diagnosis Approach for Clouds
Abstract
Virtual machines have attracted significant attention, especially within the high-performance computing community. However, there remain problems with respect to security in general, and intrusion detection and diagnosis in particular, which underpin the realization of the potential offered by this emerging technology. In this paper, one such problem is highlighted: intrusion severity analysis for large-scale virtual-machine-based systems, such as clouds. Furthermore, the paper proposes a solution to this problem for the first time for clouds. The proposed solution achieves virtual-machine-specific intrusion severity analysis while preserving isolation between the security module and the monitored virtual machine. In addition, an automated approach is adopted to significantly reduce the overall intrusion response time. The paper includes a detailed description of the solution and an evaluation of our approach, with the objective of determining its effectiveness and potential. The evaluation is both architectural and experimental, thereby enabling us to strengthen our approach at the architectural level as well. Finally, open problems and challenges that need to be addressed in order to further improve the proposed approach are highlighted.