Open Access
Subscription Access
Open Access
Subscription Access
Protecting Virtualized Infrastructures in Cloud Computing Based on Big Data Security Analytics
Subscribe/Renew Journal
Virtualized infrastructure in cloud computing has become an attractive target for cyber attackers to launch advanced attacks. This paper proposes a novel big data based security analytics approach to detecting advanced attacks in virtualized infrastructures. Network logs as well as user application logs collected periodically from the guest virtual machines (VMs) are stored in the Hadoop Distributed File System (HDFS). Then, extraction of attack features is performed through graph-based event correlation and Map Reduce parser based identification of potential attack paths. Next, determination of attack presence is performed through two-step machine learning, namely logistic regression is applied to calculate attack’s conditional probabilities with respect to the attributes, and belief propagation is applied to calculate the belief in existence of an attack based on them. Experiments are conducted to evaluate the proposed approach using well-known malware as well as in comparison with existing security techniques for virtualized infrastructure. The results show that our proposed approach is effective in detecting attacks with minimal performance overhead.
Keywords
Virtualized infrastructure, Virtual Machines, Hadoop Distributed File System.
Subscription
Login to verify subscription
User
Font Size
Information
- D. Fisher, “Venom’ Flaw in Virtualization Software Could Lead to VM Escapes, Data Theft”, Available at: https://threatpost.com/venomflaw-in-virtualization-software-could-lead-to-vm-escapes-datatheft/112772/, 2015, Accessed at 2015.
- Z. Durumeric, J. Kasten, D. Adrian, J. A. Halderman, M. Bailey, F. Li, N.Weaver, J. Amann, J. Beekman and M. Payer, “The matter of Heart Bleed”, Proceedings of International Conference on Internet Measurement, pp. 475-488, 2014.
- K. Cabaj, K. Grochowski and P. Gawkowski, “Practical Problems of Internet Threats Analyses”, Proceedings of International Conference on Theory and Engineering of Complex Systems and Dependability, pp. 87-96, 2015.
- J. Oberheide, E. Cooke and F. Jahanian, “Cloudav: N-Version Antivirus in the Network Cloud”, Proceedings of International Symposium on USENIX Security, pp. 91-106, 2008.
- X. Wang, Y. Yang and Y. Zeng, “Accurate Mobile Malware Detection and Classification in the Cloud”, Springer Plus, Vol. 4, No. 1, pp. 1-23, 2015.
- N.V. Kousik, S. Jayasr and A. Daniel, “A Survey on Various Load Balancing Algorithm to Improve the Task Scheduling in Cloud Computing Environment”, Journal of Advanced Research in Dynamical and Control Systems, Vol. 11, No. 8, pp. 2397-2406, 2019.
- V. Ganesan and S.G. Dhas, “Analysis on Improving the Response Time with PIDSARSA-RAL in Clowd Flows Mining Platform”, EAI Endorsed Transactions on Energy Web, Vol. 5, No. 20, pp. 1-14, 2018.
- K. Cabaj, K. Grochowski and P. Gawkowski, “Practical Problems of Internet Threats Analyses”, Proceedings of International Conference on Dependability and Complex Systems, pp. 87-96, 2015.
- Y. Lee and D. Kim, “Threats Analysis, Requirements and Considerations for secure Internet of Things”, International Journal of Smart Home, Vol. 9, No. 12, pp. 191-198, 2015.
- S. Fedushko and E. Benova, “Semantic Analysis for Information and Communication Threats Detection of Online Service Users”, Procedia Computer Science, Vol. 160, pp. 254-259, 2019.
- Y. Lee, Y. Park and D. Kim, “Security Threats Analysis and Considerations for Internet of Things”, Proceedings of International Conference on Security Technology, pp. 28-30, 2015.
- R.E. Crossler, F. Belanger and D. Ormond, “The Quest for Complete Security: An Empirical Analysis of Users’ Multi-Layered Protection from Security Threats”, Information Systems Frontiers, Vol. 21, no. 2, pp. 343-357, 2019.
Abstract Views: 243
PDF Views: 0