Ruirui Zhang, Xin Xiao, Journal of Information Processing Systems Vol. 14, No. 1, pp. 239-251, Feb. 2018  

10.3745/JIPS.03.0089
Keywords: artificial immune, Cloud Computing, Danger Theory, intrusion detection, Virtual Machine
Fulltext: PDF Full Text PubReader

Abstract

In existing cloud services, information security and privacy concerns have been worried, and have become one of the major factors that hinder the popularization and promotion of cloud computing. As the cloud computing infrastructure, the security of virtual machine systems is very important. This paper presents an immune-inspired intrusion detection model in virtual machines of cloud computing environment, denoted IVMIDS, to ensure the safety of user-level applications in client virtual machines. The model extracts system call sequences of programs, abstracts them into antigens, fuses environmental information of client virtual machines into danger signals, and implements intrusion detection by immune mechanisms. The model is capable of detecting attacks on processes which are statically tampered, and is able to detect attacks on processes which are dynamically running. Therefore, the model supports high real time. During the detection process, the model introduces information monitoring mechanism to supervise intrusion detection program, which ensures the authenticity of the test data. Experimental results show that the model does not bring much spending to the virtual machine system, and achieves good detection performance. It is feasible to apply IVMIDS to the cloud computing platform.

Statistics
Cite this article