Virtual machines have attracted significant attention, especially within the high performance computing community. However, there remain problems with respect to security in general, and intrusion detection and diagnosis in particular, whose resolution underpins the realization of the potential offered by this emerging technology. This paper highlights one such problem: intrusion severity analysis for large-scale virtual machine based systems, such as clouds. It also proposes a solution to this problem, for the first time for clouds. The proposed solution achieves virtual machine specific intrusion severity analysis while preserving isolation between the security module and the monitored virtual machine. Furthermore, an automated approach is adopted to significantly reduce the overall intrusion response time. The paper includes a detailed description of the solution and an evaluation of our approach, with the objective of determining its effectiveness and potential. The evaluation is both architectural and experimental, which enables us to strengthen our approach at the architectural level as well. Finally, open problems and challenges that need to be addressed in order to further improve the proposed approach are highlighted.