A fuzzy-based dynamic provision approach for virtualized network intrusion detection systems

  • Authors:
  • Bo Li;Jianxin Li;Tianyu Wo;Xudong Wu;Junaid Arshad;Wantao Liu

  • Affiliations:
  • School of Computer Science and Engineering, Beihang University, Beijing, China;School of Computer Science and Engineering, Beihang University, Beijing, China;School of Computer Science and Engineering, Beihang University, Beijing, China;School of Computer Science and Engineering, Beihang University, Beijing, China;School of Computing, University of Leeds, Leeds, UK;School of Computer Science and Engineering, Beihang University, Beijing, China

  • Venue:
  • AST/UCMA/ISA/ACN'10 Proceedings of the 2010 international conference on Advances in computer science and information technology
  • Year:
  • 2010

Quantified Score

Hi-index 0.00

Visualization

Abstract

With the increasing prevalence of virtualization and cloud technologies, virtual security appliances have emerged and become a new way for traditional security appliances to be rapidly distributed and deployed in IT infrastructure. However, virtual security appliances are challenged with achieving optimal performance, as the physical resource is shared by several virtual machines, and this issue is aggravated when virtualizing network intrusion detection systems (NIDS). In this paper, we proposed a novel approach named fuzzyVIDS, which enables dynamic resource provision for NIDS virtual appliance. In fuzzyVIDS, we use fuzzy model to characterize the complex relationship between performance and resource demands and we develop an online fuzzy controller to adaptively control the resource allocation for NIDS under varying network traffic. Our approach has been successfully implemented in the iVIC platform. Finally, we evaluate our approach by comprehensive experiments based on Xen hypervisor and Snort NIDS and the results show that the proposed fuzzy control system can precisely allocate resources for NIDS according to its resource demands, while still satisfying the performance requirements of NIDS.