Hypervisor Based IDS Solution Approach Using Hybrid Anomaly Detection Model in Cloud Computing Environment

Author(s): Frances Osamor, Anteneh Girma

2017, Vol 2017, pp. 1-15
Author(s): Ruirui Zhang, Xin Xiao

Cloud computing platforms are usually based on virtual machines as the underlying architecture, so the security of virtual machine systems is the core of cloud computing security. This paper presents an immune-based intrusion detection model for virtual machines in a cloud computing environment, denoted as IB-IDS, to ensure the safety of user-level applications in client virtual machines. The model uses the system call sequences of processes and their parameters, and extracts environment information from the client virtual machines. The model then simulates immune responses to ensure the state of user-level programs; it can detect attacks on the dynamic runtime of applications and has high real-time performance. There are five modules in the model: the antigen presenting module, signal acquisition module, immune response module, signal measurement module, and information monitoring module, which are distributed across different levels of the virtual machine environment. Performance analysis and experimental results show that the model adds a small performance overhead to the virtual machine system and has good detection performance. It can be used to judge the state of a user-level application in a guest virtual machine, and it is feasible to use it to increase user-level security in the software services of a cloud computing platform.


2020, Vol 2020, pp. 1-11
Author(s): Jin Gao, Jiaquan Liu, Sihua Guo, Qi Zhang, Xinyang Wang

To address problems of traditional anomaly detection algorithms such as slow training speed, poor prediction effect, and unstable detection results, a data mining method for anomaly detection based on the deep variational dimensionality reduction model and MapReduce (DMAD-DVDMR) in a cloud computing environment is proposed. First, the data are preprocessed by a dimensionality reduction model based on deep variational learning; while keeping the data information as complete as possible, the dimensionality of the data is reduced, and the computational pressure is reduced. Secondly, the data set stored on the Hadoop Distributed File System (HDFS) is logically divided into several data blocks, and the data blocks are processed in parallel through the principle of MapReduce, so the k-distance and LOF value of each data point can only be calculated in each block. Thirdly, based on stochastic gradient descent, the concept of k-neighboring distance is redefined, thus avoiding the situation where the data set contains k or more repeated points and infinite local density. Finally, compared with the CNN, DeepAnt, and SVM-IDS algorithms, the accuracy of the scheme is increased by 10.3%, 18.0%, and 17.2%, respectively. The experimental data set verifies the effectiveness and scalability of the proposed DMAD-DVDMR algorithm.


2021, Vol 12 (1), pp. 30-48
Author(s): Yang Lei, Ying Jiang

Due to service diversity and dynamic deployment, anomalies will occur on nodes in a cloud computing environment. If a single node generates an anomaly, the associated nodes are affected by the abnormal node, which results in anomaly propagation and node failure. In this paper, a method of anomaly detection for nodes in the cloud computing environment is proposed. Firstly, the node monitoring model is established by the agents deployed on each node. Secondly, the comprehensive score is used to identify abnormal data. The anomaly of a single node is judged by the time window-based method. Then, in the case of a single node anomaly, the status of directly associated nodes is detected through normalized mutual information and the status of indirectly associated nodes is detected through the node attributes. Finally, other associated nodes affected by the abnormal node are detected. The experimental results showed that the method in this paper can effectively detect the anomalies of a single node and of associated nodes in the cloud computing environment.

