Virtual machine anomaly detection based on partitioning detection domain

Virtual machine is an important part of cloud platform. Ensuring virtual machine running correctly is of great significance to ensure the availability of cloud service. Due to cloud platform has characteristics of the large number of virtual machines and dynamic change of running environment, it's hard to accept the cost of collecting training data for anomaly detector and training the anomaly detector. This paper focuses on insufficient training data set for anomaly detector training of virtual machine of cloud platform and high cost of detector training, and does research on how to improve anomaly detection accuracy and efficiency under the condition that there is not enough training data for anomaly detector. Concretely speaking, main research contents and highlights of this paper are described as follows: It puts forward a virtual machine detection domain partitioning strategy based on K-medoids according to the virtual machine running environment, thereby, improving the accuracy and efficiency of anomaly detection. Meanwhile, this paper optimizes the steps of clustering iteration updating, to enhance the speed of detecting area partitioning. The experiment result shows that, the improved clustering algorithm has lower time complexity, and the virtual machine anomaly detection strategy based on detection domain partitioning possesses higher accuracy and efficiency.

[1]  Robert P. Goldberg,et al.  Survey of virtual machine research , 1974, Computer.

[2]  M. V. Velzen,et al.  Self-organizing maps , 2007 .

[3]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[4]  Hae-Sang Park,et al.  A simple and fast algorithm for K-medoids clustering , 2009, Expert Syst. Appl..

[5]  Jie Wu,et al.  A Self-tuning Failure Detection Scheme for Cloud Computing Service , 2012, 2012 IEEE 26th International Parallel and Distributed Processing Symposium.

[6]  Vanish Talwar,et al.  Online detection of utility cloud anomalies using metric distributions , 2010, 2010 IEEE Network Operations and Management Symposium - NOMS 2010.

[7]  Jianguo Liu,et al.  A self-evolving anomaly detection framework for developing highly dependable utility clouds , 2012, 2012 IEEE Global Communications Conference (GLOBECOM).

[8]  Anil K. Jain,et al.  Algorithms for Clustering Data , 1988 .

[9]  Barak A. Pearlmutter,et al.  Detecting intrusions using system calls: alternative data models , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[10]  Sanjay Chawla,et al.  SLOM: a new measure for local spatial outliers , 2006, Knowledge and Information Systems.