article

Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments

Authors:

Nikolaos Pitropakis,

Aggelos Pikrakis,

Costas LambrinoudakisAuthors Info & Claims

International Journal of Information Security, Volume 14, Issue 4

Pages 299 - 305

Published: 01 August 2015 Publication History

Abstract

Cloud computing is gradually becoming the most popular option of Information Technology infrastructures. However, an important issue that has emerged through that revolution is the preservation of an adequate level of security for the infrastructure and the confrontation of malicious insiders. This paper proposes a methodology for detecting the co-residency attack in the kernel layer of a Xen-based cloud environment, using an implementation of the Smith---Waterman genetic algorithm. The proposed approach has been explored in a test bed environment, producing results that verify its effectiveness.

References

[1]

Douligeris, C., Mitrokotsa, A.: DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput. Netw. 44(5), 643---666 (2004)

Digital Library

[2]

Orgill, G.L., Romney, G.W., Bailey, M.G., Orgill, P.M.: The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems. In: Proceedings of the Conference on Information Technology Education, CITC5 (2004)

[3]

Krutz, R.L., Vines, R.D.: Cloud Security: A comprehensive guide to secure Cloud Computing. Wiley, New York (2010)

[4]

Catteddu, D.: Cloud computing: benefits, risks and recommendations for information security. In: Serrão, C., Aguilera, V., Cerullo, F. (eds.) Web Application Security. Communications in Computer and Information Science, vol. 72, p 17. Springer, Berlin, Heidelberg (2010)

[5]

Kandias, M., Virvilis, N., Gritzalis, D.: The insider threat in cloud computing. In: Wolthusen S., et al. (eds.) Proceedings of the 6th International Conference on Critical Infrastructure Security (CRITIS-2011), pp. 95---106. Springer, Switzerland, September 2011

[6]

Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM CCS, Chicago (2009)

[7]

Roschke, S., Cheng, F., Meinel, C.: An advanced IDS management architecture. J. Inf. Assur. Secur. 5, 246---255 (2010)

[8]

http://blog.xen.org/index.php/2013/07/09/xen-4-3-0-released/

[9]

Smith, T., Waterman, M.: Identification of common molecular subsequences. J. Mol. Biol. (1981)

[10]

Xiao, Z., Xiao, Y.: Security and Privacy in Cloud Computing, Communications Surveys and Tutorials, vol. 99, pp. 1---17. IEEE (2012)

[11]

Nmap: http://nmap.org/

[12]

Hping: http://www.hping.org/

[13]

Wget: http://www.gnu.org/software/wget/

[14]

Bates, A.: Dtecting Cloud Co-Residency with Network Flow Watermarking Techniques. MSC Thesis, University of Oregon, September 2012

[15]

Zhang, Y., Juels, A., Oprea, A., Reiter, A.: HomeAlone: co-residency detection in the cloud via side-channel analysis. Security and Privacy IEEE Symposium (2011)

Digital Library

[16]

Mundada, Y., Ramachndran, A., Feamster, N.: SilverLine: data and network isolation for cloud services. In: Proceedings of the USENIX Workshop on Hot Topics in Cloud Computing (HotCloud) (2011)

[17]

Mazzariello, C., Bifulco, R., Canonico, R.: Integrating a network IDS into an open source cloud computing environment. In: Sixth International Conference on Information Assurance and Security (2010)

[18]

Schulter, A., Vieira, K., Westphal, C., Westaphal, C., Abderrrahim, S.: Intrusion detection for computational grids. In: Proceedings 2nd Internationall Conference New Technologies Mobility, and Security. IEEE Press (2008)

[19]

Cheng, F., Roschke, S., Meinel, C.: Implementing IDS management on lock-keeper. In: Proceedings of 5th Information Security Practice and Experience Conference (ISPEC 09), LNCS 5451, pp. 360---371. Springer (2009)

Digital Library

[20]

Cheng, F., Roschke, S., Meinel, C.: An advanced IDS management architecture. J. Inf. Assur. Secur. Dynamic Publishers Inc., vol. 51, pp. 246---255, Atlanta, GA 30362, USA, ISSN 1554---1010, Jan 2010

[21]

Cheng, F., Roschke, S., Meinel, C.: Intrusion detection in the cloud. In: Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, China (2009)

[22]

Bharadwaja, S., Sun, W., Niamat, M., Shen, F.: Collabra: axen hypervisor based collaborative intrusion detection system. In: Proceedings of the 8th International Conference on Information Technology: New Generations (ITNG 11), pp. 695---700. Las Vegas, Nev, USA (2011)

Digital Library

[23]

Hoang, C.: Protecting Xen hypercalls. MSC thesis, University of British Columbia July (2009)

[24]

Backtrack: http://www.backtrack-linux.org/

[25]

Douglas, J.E.: http://www.imdb.com/name/nm0235123/bio

[26]

Linux Audit: http://www.la-samhna.de/library/audit.html

[27]

SED: http://linux.die.net/man/1/sed

[28]

OpenSuse: http://www.opensuse.org/

[29]

KVM: http://www.techopedia.com/definition/28437/kernel-based-virtual-machine-kvm

Cited By

Tsetse ATweneboah-Koduah SRawal BZheng ZPrattipati M(2019)A Comparative Study of System Virtualization Performance2019 IEEE 20th International Conference on Information Reuse and Integration for Data Science (IRI)10.1109/IRI.2019.00064(372-378)Online publication date: 30-Jul-2019
https://dl.acm.org/doi/10.1109/IRI.2019.00064
Chiregi MNavimipour N(2016)A new method for trust and reputation evaluation in the cloud environments using the recommendations of opinion leaders' entities and removing the effect of troll entitiesComputers in Human Behavior10.1016/j.chb.2016.02.02960:C(280-292)Online publication date: 1-Jul-2016
https://dl.acm.org/doi/10.1016/j.chb.2016.02.029

Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments
1. Social and professional topics
  1. Computing / technology policy

Recommendations

Insider Attacks in Cloud Computing
TRUSTCOM '12: Proceedings of the 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications

The computer-security industry is familiar with the concept of a Malicious Insider. However, a malicious insider in the cloud might have access to an unprecedented amount of information and on a much greater scale. Given the level of threat posed by ...
State-of-the-art cloud computing security taxonomies: a classification of security challenges in the present cloud computing environment
ICACCI '12: Proceedings of the International Conference on Advances in Computing, Communications and Informatics

Cloud computing has taken center stage in the present business scenario due to its pay-as-you-use nature, where users need not bother about buying resources like hardware, software, infrastructure, etc. permanently. As much as the technological benefits,...
Enhanced-Adaptive Pattern Attack Recognition Technique E-APART Against EDoS Attacks in Cloud Computing

Cloud Computing is most widely used in current technology. It provides a higher availability of resources to greater number of end users. In the cloud era, security has develop a reformed source of worries. Distributed Denial of Service DDoS and ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image International Journal of Information Security

International Journal of Information Security Volume 14, Issue 4

August 2015

95 pages

ISSN:1615-5262

EISSN:1615-5270

Issue’s Table of Contents

Copyright © Copyright © 2015 Springer-Verlag Berlin Heidelberg.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 01 August 2015

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 26 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Tsetse ATweneboah-Koduah SRawal BZheng ZPrattipati M(2019)A Comparative Study of System Virtualization Performance2019 IEEE 20th International Conference on Information Reuse and Integration for Data Science (IRI)10.1109/IRI.2019.00064(372-378)Online publication date: 30-Jul-2019
https://dl.acm.org/doi/10.1109/IRI.2019.00064
Chiregi MNavimipour N(2016)A new method for trust and reputation evaluation in the cloud environments using the recommendations of opinion leaders' entities and removing the effect of troll entitiesComputers in Human Behavior10.1016/j.chb.2016.02.02960:C(280-292)Online publication date: 1-Jul-2016
https://dl.acm.org/doi/10.1016/j.chb.2016.02.029

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents