1. Feature-Fusion-Based Abnormal-Behavior-Detection Method in Virtualization Environment.
- Author
-
Zheng, Luxin, Zhang, Jian, Lin, Faxin, and Wang, Xiangyi
- Subjects
VIRTUAL machine systems ,CLOUD computing security measures ,CLOUD computing ,DATA security ,FINANCIAL institutions - Abstract
From general systems to mission-critical systems at financial and government institutions, the application scope of cloud computing services is continuously expanding. Therefore, there is a need for better methods to ensure the stability and security of the cloud data and services. Monitoring the abnormal behavior of virtual machines (VMs) is one of the most-important means to identify the causes of security incidents related to the cloud. However, current traditional abnormal-behavior-detection methods for VMs on cloud platforms face multiple challenges such as privacy protection and the semantic gap. Virtualization technology plays a key role in cloud computing. Meanwhile, virtualization security is the core issue of cloud computing security as well. To address these issues, this paper proposes a feature-fusion-based abnormal-behavior-detection method (FFABD) in a virtualization environment. This method acquires the hardware features and syscalls of the VM at the physical machine level and the virtualization level, respectively. Therefore, this method is not limited by the operating system running on the VM. This makes our method more efficient and universally applicable compared to traditional abnormal-VM-detectionmethods. The ensemble learning model performs the best among all the models, achieving an Accuracy of 99.7%. [ABSTRACT FROM AUTHOR]
- Published
- 2023
- Full Text
- View/download PDF