Search Word(s) in Title, Keywords, Authors, and Abstract: User-Level

Study of Danger-Theory-Based Intrusion Detection Technology in Virtual Machines of Cloud Computing Environment
Ruirui Zhang and Xin Xiao
Page: 239~251, Vol. 14, No.1, 2018
10.3745/JIPS.03.0089

Keywords: Artificial Immune, Cloud Computing, Danger Theory, Intrusion Detection, Virtual Machine
Show / Hide Abstract
In existing cloud services, information security and privacy concerns have been worried, and have become one of the major factors that hinder the popularization and promotion of cloud computing. As the cloud computing infrastructure, the security of virtual machine systems is very important. This paper presents an immune-inspired intrusion detection model in virtual machines of cloud computing environment, denoted IVMIDS, to ensure the safety of user-level applications in client virtual machines. The model extracts system call sequences of programs, abstracts them into antigens, fuses environmental information of client virtual machines into danger signals, and implements intrusion detection by immune mechanisms. The model is capable of detecting attacks on processes which are statically tampered, and is able to detect attacks on processes which are dynamically running. Therefore, the model supports high real time. During the detection process, the model introduces information monitoring mechanism to supervise intrusion detection program, which ensures the authenticity of the test data. Experimental results show that the model does not bring much spending to the virtual machine system, and achieves good detection performance. It is feasible to apply IVMIDS to the cloud computing platform.


Eager Data Transfer Mechanism for Reducing Communication Latency in User-Level Network Protocols
Chulho Won, Ben Lee, Kyoung Park and Myung-Joon Kim
Page: 133~144, Vol. 4, No.4, 2008
10.3745/JIPS.2008.4.4.133
Keywords: Data Transfer, Cache Coherence, User-Level, Low-Latency, Network Protocols, Message, VIA
Show / Hide Abstract
Clusters have become a popular alternative for building high-performance parallel computing systems. Today¡¯s high-performance system area network (SAN) protocols such as VIA and IBA significantly reduce user-to-user communication latency by implementing protocol stacks outside of operating system kernel. However, emerging parallel applications require a significant improvement in communication latency. Since the time required for transferring data between host memory and network interface (NI) make up a large portion of overall communication latency, the reduction of data transfer time is crucial for achieving low-latency communication. In this paper, Eager Data Transfer (EDT) mechanism is proposed to reduce the time for data transfers between the host and network interface. The EDT employs cache coherence interface hardware to directly transfer data between the host and NI. An EDT-based network interface was modeled and simulated on the Linux-based, complete system simulation environment, Linux/SimOS. Our simulation results show that the EDT approach significantly reduces the data transfer time compared to DMA-based approaches. The EDTbased NI attains 17% to 38% reduction in user-to-user message time compared to the cache-coherent DMA-based NIs for a range of message sizes (64 bytes ~ 4 Kbytes) in a SAN environment.