Autonomous Agent Based Intrusion Detection in Virtual Computing Environment
One of the motivations for virtualization technology is the desire to develop new services to enhance system security without trusting both the applications and the operating systems. An intrusion detection system is an example of such service that can help to isolate users from malicious attacks. In this paper, we propose hybrid-based intrusion detection architecture in virtual computing environment to detect and isolate harmful behaviors by real-time monitoring and alarming. In contrast to monolithic intrusion detection system, we introduce autonomous agents, acting independently of each other, to monitor the system. The agents are deployed in virtual machines to analyze actions occurring on the network and inside the hosts to determine whether they are potential security violations or not. Our architecture is implemented based on Xen, and the detection management center is deployed in a secure virtual machine.
intrusion detection autonomous agent virtual computing environment
Alex K. Ohoussou Hai Jin Deqing Zou Feng Zhao Guofu Xiang Ge Cheng
Cluster and Grid Computing Lab Services Computing Technology and System Lab Huazhong University of S Cluster and Grid Computing Lab Services Computing Technology and System Lab Huazhong University of S
国际会议
北京
英文
1-5
2010-06-25(万方平台首次上网日期,不代表论文的发表时间)