An Intelligent Anomaly Detection and Reasoning Scheme for VM Live Migration via Cloud Data Mining

Cloud computing operators provide flexible, convenient, and affordable means to access public and private services. Virtual machine (VM) live migration, as an important feature of virtualization technique in cloud computing, ensures high efficiency and performance of computing infrastructure, while it stays transparent to clients. However, VM live migration is observed to cover anomalies due to their statistical similarity. To tackle the critical security issue, in this work, we propose an intelligent scheme to mine statistical data from cloud infrastructure to detect anomalies even if VMs are migrated to a new host with different infrastructure settings. In addition to detection of the existence of anomalies, our scheme is capable of identifying the possible sources of anomalies, which gives administrators clues to pinpoint and clear the anomalies.

[1]  Byung Suk Lee,et al.  Performance Evaluation of Main-Memory R-tree Variants , 2003, SSTD.

[2]  VARUN CHANDOLA,et al.  Anomaly detection: A survey , 2009, CSUR.

[3]  Leo Breiman,et al.  Random Forests , 2001, Machine Learning.

[4]  Jessica Lin,et al.  HOT SAX: Finding the Most Unusual Time Series Subsequence: Algorithms and Applications , 2004 .

[5]  Wei Wang,et al.  Secured and reliable VM migration in personal cloud , 2010, 2010 2nd International Conference on Computer Engineering and Technology.

[6]  Hans-Peter Kriegel,et al.  LOF: identifying density-based local outliers , 2000, SIGMOD '00.

[7]  Jaideep Srivastava,et al.  A Comparative Study of Anomaly Detection Schemes in Network Intrusion Detection , 2003, SDM.

[8]  Nitin,et al.  A novel approach for security in Cloud Computing using Hidden Markov Model and clustering , 2011, 2011 World Congress on Information and Communication Technologies.

[9]  Antonin Guttman,et al.  R-trees: a dynamic index structure for spatial searching , 1984, SIGMOD '84.

[10]  Eamonn J. Keogh,et al.  Finding the most unusual time series subsequence: algorithms and applications , 2006, Knowledge and Information Systems.

[11]  Jennifer G. Dy,et al.  A Novel Feature Selection for Intrusion Detection in Virtual Machine Environments , 2011, 2011 IEEE 23rd International Conference on Tools with Artificial Intelligence.

[12]  Nick Roussopoulos,et al.  Nearest neighbor queries , 1995, SIGMOD '95.

[13]  Ian H. Witten,et al.  The WEKA data mining software: an update , 2009, SKDD.

[14]  Shu-Ching Chen,et al.  UNPCC: A Novel Unsupervised Classification Scheme for Network Intrusion Detection , 2006, 2006 18th IEEE International Conference on Tools with Artificial Intelligence (ICTAI'06).

[15]  Long Xiang,et al.  Seamless virtual machine live migration on network security enhanced hypervisor , 2009, 2009 2nd IEEE International Conference on Broadband Network & Multimedia Technology.

[16]  อนิรุธ สืบสิงห์,et al.  Data Mining Practical Machine Learning Tools and Techniques , 2014 .

[17]  Lei Liu,et al.  An LOF-Based Adaptive Anomaly Detection Scheme for Cloud Computing , 2013, 2013 IEEE 37th Annual Computer Software and Applications Conference Workshops.

[18]  Eamonn J. Keogh,et al.  A symbolic representation of time series, with implications for streaming algorithms , 2003, DMKD '03.

[19]  Jack Dongarra,et al.  ScaLAPACK: a scalable linear algebra library for distributed memory concurrent computers , 1992, [Proceedings 1992] The Fourth Symposium on the Frontiers of Massively Parallel Computation.