Skoči na glavni sadržaj

Journal of Communications Software and Systems, Vol. 14 No. 3, 2018.

Izvorni znanstveni članak

https://doi.org/10.24138/jcomss.v14i3.537

Detection of Malware Attacks on Virtual Machines for a Self-Heal Approach in Cloud Computing using VM Snapshots

Linda Joseph orcid id orcid.org/0000-0003-1673-6410 ; Hindustan Institute of Technology and Science, Chennai, Tamil Nadu, India
Rajeswari Mukesh ; Hindustan Institute of Technology and Science, Chennai, Tamil Nadu, India

Puni tekst: engleski pdf 1.615 Kb

str. 249-257

preuzimanja: 791

citiraj

Sažetak

Cloud Computing strives to be dynamic as a service oriented architecture. The services in the SoA are rendered in terms of private, public and in many other commercial domain aspects. These services should be secured and thus are very vital to the cloud infrastructure. In order, to secure and maintain resilience in the cloud, it not only has to have the ability to identify the known threats but also to new challenges that target the infrastructure of a cloud. In this paper, we introduce and discuss a detection method of malwares from the VM logs and corresponding VM snapshots are classified into attacked and non-attacked VM snapshots. As snapshots are always taken to be a backup in the backup servers, especially during the night hours, this approach could reduce the overhead of the backup server with a self-healing capability of the VMs in the local cloud infrastructure. A machine learning approach at the hypervisor level is projected, the features being gathered from the API calls of VM instances in the IaaS level of cloud service. Our proposed scheme can have a high detection accuracy of about 93% while having the capability to classify and detect different types of malwares with respect to the VM snapshots. Finally the paper exhibits an algorithm using snapshots to detect and thus to self-heal using the monitoring components of a particular VM instances applied to cloud scenarios. The self-healing approach with machine learning algorithms can determine new threats with some prior knowledge of its functionality.

Ključne riječi

Cloud Computing; VM Snapshots; API Calls; IaaS; Self-Healing; Machine Learning Algorithms

Hrčak ID:

205758

URI

https://hrcak.srce.hr/205758

Datum izdavanja:

1.9.2018.

Posjeta: 1.366 *