A fingerprinting system calls approach for intrusion detection in a cloud environment

2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN) Pub Date : 2012-11-01 DOI:10.1109/CASoN.2012.6412420

Sanchika Gupta, Padam Kumar, A. Sardana, A. Abraham

{"title":"A fingerprinting system calls approach for intrusion detection in a cloud environment","authors":"Sanchika Gupta, Padam Kumar, A. Sardana, A. Abraham","doi":"10.1109/CASoN.2012.6412420","DOIUrl":null,"url":null,"abstract":"Cloud Computing envisioned as the next generation architecture for IT enterprises, has proliferated itself due to the advantages it provides. Cloud Computing provides solutions for carrying out efficient, scalable and low cost computing. Due to the distributed nature of cloud based system, it is vulnerable to a large category of attacks out of which VM based attacks are most common. To counter these attacks we need Intrusion Detection System (IDS), which is used to monitor network traffic and policy violations from unauthorized users. Anomaly Detection is a technique of Intrusion Detection, which is used to detect intrusions by monitoring system activity and finding out patterns that do not comply with the normal behavior. In this paper an approach for anomaly detection in cloud environment is presented, which is based upon analysis of system call sequences generated by the virtual machines to the hypervisor. Our proposed implementation prevents malicious VM users to modify well known frequently executed programs.","PeriodicalId":431370,"journal":{"name":"2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN)","volume":"95 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CASoN.2012.6412420","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 12

Abstract

Cloud Computing envisioned as the next generation architecture for IT enterprises, has proliferated itself due to the advantages it provides. Cloud Computing provides solutions for carrying out efficient, scalable and low cost computing. Due to the distributed nature of cloud based system, it is vulnerable to a large category of attacks out of which VM based attacks are most common. To counter these attacks we need Intrusion Detection System (IDS), which is used to monitor network traffic and policy violations from unauthorized users. Anomaly Detection is a technique of Intrusion Detection, which is used to detect intrusions by monitoring system activity and finding out patterns that do not comply with the normal behavior. In this paper an approach for anomaly detection in cloud environment is presented, which is based upon analysis of system call sequences generated by the virtual machines to the hypervisor. Our proposed implementation prevents malicious VM users to modify well known frequently executed programs.

查看原文本刊更多论文

指纹识别系统在云环境中调用入侵检测方法

云计算被设想为IT企业的下一代架构，由于它提供的优势，它本身已经激增。云计算提供了执行高效、可扩展和低成本计算的解决方案。由于基于云的系统的分布式特性，它容易受到大量攻击，其中基于VM的攻击是最常见的。为了对抗这些攻击，我们需要入侵检测系统(IDS)，它用于监控来自未经授权用户的网络流量和策略违规行为。异常检测是入侵检测的一种技术，它通过监测系统活动，发现不符合正常行为的模式来检测入侵。本文提出了一种基于虚拟机对管理程序产生的系统调用序列分析的云环境异常检测方法。我们提出的实现防止恶意VM用户修改众所周知的经常执行的程序。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN)

自引率

0.00%

发文量