Publication Type:

Conference Paper

Source:

2015 1st International Conference on Telematics and Future Generation Networks (TAFGEN) (2015)

Keywords:

Cloud computing, cloud infrastructure, cloud service provider, Computer crime, computer network security, CSP, Databases, DDoS attack, defence mechanism, distributed denial of service attack, DoS Attack, files integrity verification test, Formal verification, HIDS, Hypervisor, Intrusion detection, Intrusion Detection and Prevention System, intrusion prevention system, IT Infrastructure, Kernel, Linux, open source host based intrusion detection system, open source security event correlator, OSSEC, persistent attacks, resource sharing, rootkit, stealthy rootkit, trojan, Virtual machine, Virtual machine monitors, virtual machines, Virtual machining, Virtualization, virtualization technology, virtualized cloud environment, Windows based rootkits

Abstract:

Cloud computing, enabled by virtualization technology, represents a revolutionary change in IT infrastructure. The hypervisor is a pillar of virtualization and allows resources to be shared among virtual machines. Vulnerabilities present in a virtual machine can be leveraged by an attacker to launch advanced persistent attacks such as stealthy rootkits, Trojans, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks. Virtual machines are a prime target for a malignant cloud user or an attacker to launch attacks, as they are easily available for rent from a Cloud Service Provider (CSP). Attacks on a virtual machine can disrupt the normal operation of the cloud infrastructure. To secure the virtual environment, a defence mechanism is imperative at each virtual machine to identify attacks occurring at that virtual machine in a timely manner. This work proposes an In-and-Out-of-the-Box Virtual Machine and Hypervisor based Intrusion Detection and Prevention System for virtualized environments to ensure a robust state of the virtual machine by detecting and then eradicating rootkits as well as other attacks. We conducted experiments using a popular open source Host based Intrusion Detection System (HIDS) called Open Source SECurity Event Correlator (OSSEC). Both Linux and Windows based rootkits, a DoS attack, and a file integrity verification test were conducted, and they were successfully detected by OSSEC.

Cite this Research Publication

Ajay Kumara and D, J. C., “Hypervisor and Virtual Machine Dependent Intrusion Detection and Prevention System for Virtualized Cloud Environment”, in 2015 1st International Conference on Telematics and Future Generation Networks (TAFGEN), 2015.
