Virtualization layer security challenges and intrusion detection/prevention systems in cloud computing: a comprehensive review

Virtualization plays a vital role in the construction of cloud computing. However, current virtualization implementations contain various vulnerabilities, which create security challenges at the virtualization layer. In this paper, we investigate different vulnerabilities and attacks at the virtualization layer of cloud computing. We examine proposed cloud intrusion detection system (IDS) and intrusion detection and prevention system frameworks. We recommend cloud IDS requirements and research scope to achieve the desired level of security at the virtualization layer of cloud computing.
