Efficient Discovery of Malicious Symptoms in Clouds via Monitoring Virtual Machines

In an era where technology pervades daily life from early morning to late night, cybercrime is becoming more developed and more challenging for system designers. This is reflected in the increasing number of methods used by criminals. Cloud computing systems are natural targets due to their complexity and increasing popularity. A cloud system provides an environment with a large number of Virtual Machines (VMs) that are available to many users accessing the system via the Internet. This mode of access makes cloud systems weaker than physical networks. In order to reduce the number of attacks and secure data storage, any malicious behaviour should be discovered and, if possible, halted. In this paper, we focus on discovering malicious behaviour by determining unwanted symptoms rather than by targeting particular malicious behaviour of the system directly. The main motivation for our approach is that malicious behaviour (e.g., a new form of threat) is very often hard to specify directly, but it can be characterized by a set of undesired symptoms. The main contribution of this paper is several new mechanisms for monitoring Virtual Machines, together with further experimental work targeting efficient ways of visiting VMs in order to discover malicious symptoms.
