CloudIDEA: A Malware Defense Architecture for Cloud Data Centers
نویسندگان
چکیده
Due to the proliferation of cloud computing, cloud-based systems are becoming an increasingly attractive target for malware. In an Infrastructure-as-a-Service (IaaS) cloud, malware located in a customer’s virtual machine (VM) affects not only this customer, but may also attack the cloud infrastructure and other co-hosted customers directly. This paper presents CloudIDEA, an architecture that provides a security service for malware defense in cloud environments. It combines lightweight intrusion monitoring with on-demand isolation, evidence collection, and in-depth analysis of VMs on dedicated analysis hosts. A dynamic decision engine makes on-demand decisions on how to handle suspicious events considering cost-efficiency and quality-of-service constraints.
منابع مشابه
Energy Aware Resource Management of Cloud Data Centers
Cloud Computing, the long-held dream of computing as a utility, has the potential to transform a large part of the IT industry, making software even more attractive as a service and shaping the way IT hardware is designed and purchased. Virtualization technology forms a key concept for new cloud computing architectures. The data centers are used to provide cloud services burdening a significant...
متن کاملImpregnable Defence Architecture using Dynamic Correlation-based Graded Intrusion Detection System for Cloud
Data security and privacy are perennial concerns related to cloud migration, whether it is about applications, business or customers. In this paper, novel security architecture for the cloud environment designed with intrusion detection and prevention system (IDPS) components as a graded multi-tier defense framework. It is a defensive formation of collaborative IDPS components with dynamically ...
متن کاملAnti-virus in-the-cloud service: are we ready for the security evolution?
The ever‐increasing malware variants pose serious challenges for traditional signature‐based anti‐virus (AV) scan engines. To effectively handle the scale and magnitude of new malware variants, AV functionality is being moved from the user desktop into the cloud. AV in‐the‐cloud service is becoming the next‐generation security infrastructure designed to defend against virus threats. It provides...
متن کاملOptimum Location for Backup Land Uses From the Perspective of Passive Defense in Urmia City: A Case Study
This study aim is to find the optimal location form backup land uses from the perspective of passive defense in Urmia City. This is an applied, descriptive, and analytical study. Data collection was done using documentary data, a field study, and a questionnaire. Participants were 10 experts in this subject, who were selected purposefully. Using the analytic network process (ANP), a dynamic and...
متن کاملData - Centric Approaches to Kernel Malware Defense
Rhee, Junghwan Ph.D., Purdue University, August 2011. Data-Centric Approaches to Kernel Malware Defense. Major Professor: Dongyan Xu. An operating system kernel is the core of system software which is responsible for the integrity and operations of a conventional computer system. Authors of malicious software (malware) have been continuously exploring various attack vectors to tamper with the k...
متن کامل