Efficient discovery of malicious symptoms in clouds via monitoring virtual machines

Sultan S. Alshamrani; Dariusz R. Kowalski; Leszek A. Gasieniec

doi:10.1109/CIT/IUCC/DASC/PICOM.2015.257

Efficient discovery of malicious symptoms in clouds via monitoring virtual machines

Sultan S. Alshamrani, Dariusz R. Kowalski, Leszek A. Gasieniec

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

11 Scopus citations

Abstract

In this new era of life, where technology covers our life from the early morning to late night, cybercrime is becoming more developed and challenging for the systems designers. The reason is reflected in the increased number of ways used by criminals. Cloud computing systems are natural goals due to their complexity and increasing popularity. The Cloud system provides an environment with a big number of Virtual Machines (VMs) that available to many users accessing this system via the Internet. This way of access makes cloud systems weaker than physical networks. In order to reduce the number of attacks and secure data storage, any malicious behaviour should be discovered and halted if possible. In this paper, we focus on discovery of malicious behaviour via determining unwanted symptoms rather than via targeting particular malicious behaviour of the system directly. The main motivation for our approach is that malicious behaviour (e.g., a new form of threat) is very often hard to specify directly, but it can be characterized by a set of undesired symptoms. The main contribution of this paper refers to several new mechanisms for monitoring Virtual Machines and further experimental work targeting efficient ways of visiting VMs in order to discover malicious symptoms.

Original language	English (US)
Title of host publication	Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015
Editors	Luigi Atzori, Xiaolong Jin, Stephen Jarvis, Lei Liu, Ramon Aguero Calvo, Jia Hu, Geyong Min, Nektarios Georgalas, Yulei Wu
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1703-1710
Number of pages	8
ISBN (Electronic)	9781509001545
DOIs	https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.257
State	Published - Dec 22 2015
Externally published	Yes
Event	15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 - Liverpool, United Kingdom Duration: Oct 26 2015 → Oct 28 2015

Publication series

Name	Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015

Conference

Conference	15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015
Country/Territory	United Kingdom
City	Liverpool
Period	10/26/15 → 10/28/15

Keywords

Cloud computing, Reduce-Max
Cloud monitoring
Malicious behaviour
Network patrolling
Virtual Machines

ASJC Scopus subject areas

Information Systems
Artificial Intelligence
Computer Networks and Communications

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1109/CIT/IUCC/DASC/PICOM.2015.257

Cite this

Alshamrani, S. S., Kowalski, D. R., & Gasieniec, L. A. (2015). Efficient discovery of malicious symptoms in clouds via monitoring virtual machines. In L. Atzori, X. Jin, S. Jarvis, L. Liu, R. A. Calvo, J. Hu, G. Min, N. Georgalas, & Y. Wu (Eds.), Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 (pp. 1703-1710). Article 7363303 (Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.257

Efficient discovery of malicious symptoms in clouds via monitoring virtual machines. / Alshamrani, Sultan S.; Kowalski, Dariusz R.; Gasieniec, Leszek A.
Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. ed. / Luigi Atzori; Xiaolong Jin; Stephen Jarvis; Lei Liu; Ramon Aguero Calvo; Jia Hu; Geyong Min; Nektarios Georgalas; Yulei Wu. Institute of Electrical and Electronics Engineers Inc., 2015. p. 1703-1710 7363303 (Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Alshamrani, SS, Kowalski, DR & Gasieniec, LA 2015, Efficient discovery of malicious symptoms in clouds via monitoring virtual machines. in L Atzori, X Jin, S Jarvis, L Liu, RA Calvo, J Hu, G Min, N Georgalas & Y Wu (eds), Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015., 7363303, Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015, Institute of Electrical and Electronics Engineers Inc., pp. 1703-1710, 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015, Liverpool, United Kingdom, 10/26/15. https://doi.org/10.1109/CIT/IUCC/DASC/PICOM.2015.257

Alshamrani SS, Kowalski DR, Gasieniec LA. Efficient discovery of malicious symptoms in clouds via monitoring virtual machines. In Atzori L, Jin X, Jarvis S, Liu L, Calvo RA, Hu J, Min G, Georgalas N, Wu Y, editors, Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. Institute of Electrical and Electronics Engineers Inc. 2015. p. 1703-1710. 7363303. (Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015). doi: 10.1109/CIT/IUCC/DASC/PICOM.2015.257

Alshamrani, Sultan S. ; Kowalski, Dariusz R. ; Gasieniec, Leszek A. / Efficient discovery of malicious symptoms in clouds via monitoring virtual machines. Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015. editor / Luigi Atzori ; Xiaolong Jin ; Stephen Jarvis ; Lei Liu ; Ramon Aguero Calvo ; Jia Hu ; Geyong Min ; Nektarios Georgalas ; Yulei Wu. Institute of Electrical and Electronics Engineers Inc., 2015. pp. 1703-1710 (Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015).

@inproceedings{32464d4118ac4fbca25625e6364e4426,

title = "Efficient discovery of malicious symptoms in clouds via monitoring virtual machines",

abstract = "In this new era of life, where technology covers our life from the early morning to late night, cybercrime is becoming more developed and challenging for the systems designers. The reason is reflected in the increased number of ways used by criminals. Cloud computing systems are natural goals due to their complexity and increasing popularity. The Cloud system provides an environment with a big number of Virtual Machines (VMs) that available to many users accessing this system via the Internet. This way of access makes cloud systems weaker than physical networks. In order to reduce the number of attacks and secure data storage, any malicious behaviour should be discovered and halted if possible. In this paper, we focus on discovery of malicious behaviour via determining unwanted symptoms rather than via targeting particular malicious behaviour of the system directly. The main motivation for our approach is that malicious behaviour (e.g., a new form of threat) is very often hard to specify directly, but it can be characterized by a set of undesired symptoms. The main contribution of this paper refers to several new mechanisms for monitoring Virtual Machines and further experimental work targeting efficient ways of visiting VMs in order to discover malicious symptoms.",

keywords = "Cloud computing, Reduce-Max, Cloud monitoring, Malicious behaviour, Network patrolling, Virtual Machines",

author = "Alshamrani, {Sultan S.} and Kowalski, {Dariusz R.} and Gasieniec, {Leszek A.}",

year = "2015",

month = dec,

day = "22",

doi = "10.1109/CIT/IUCC/DASC/PICOM.2015.257",

language = "English (US)",

series = "Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "1703--1710",

editor = "Luigi Atzori and Xiaolong Jin and Stephen Jarvis and Lei Liu and Calvo, {Ramon Aguero} and Jia Hu and Geyong Min and Nektarios Georgalas and Yulei Wu",

booktitle = "Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015",

note = "15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015 ; Conference date: 26-10-2015 Through 28-10-2015",

}

TY - GEN

T1 - Efficient discovery of malicious symptoms in clouds via monitoring virtual machines

AU - Alshamrani, Sultan S.

AU - Kowalski, Dariusz R.

AU - Gasieniec, Leszek A.

PY - 2015/12/22

Y1 - 2015/12/22

N2 - In this new era of life, where technology covers our life from the early morning to late night, cybercrime is becoming more developed and challenging for the systems designers. The reason is reflected in the increased number of ways used by criminals. Cloud computing systems are natural goals due to their complexity and increasing popularity. The Cloud system provides an environment with a big number of Virtual Machines (VMs) that available to many users accessing this system via the Internet. This way of access makes cloud systems weaker than physical networks. In order to reduce the number of attacks and secure data storage, any malicious behaviour should be discovered and halted if possible. In this paper, we focus on discovery of malicious behaviour via determining unwanted symptoms rather than via targeting particular malicious behaviour of the system directly. The main motivation for our approach is that malicious behaviour (e.g., a new form of threat) is very often hard to specify directly, but it can be characterized by a set of undesired symptoms. The main contribution of this paper refers to several new mechanisms for monitoring Virtual Machines and further experimental work targeting efficient ways of visiting VMs in order to discover malicious symptoms.

AB - In this new era of life, where technology covers our life from the early morning to late night, cybercrime is becoming more developed and challenging for the systems designers. The reason is reflected in the increased number of ways used by criminals. Cloud computing systems are natural goals due to their complexity and increasing popularity. The Cloud system provides an environment with a big number of Virtual Machines (VMs) that available to many users accessing this system via the Internet. This way of access makes cloud systems weaker than physical networks. In order to reduce the number of attacks and secure data storage, any malicious behaviour should be discovered and halted if possible. In this paper, we focus on discovery of malicious behaviour via determining unwanted symptoms rather than via targeting particular malicious behaviour of the system directly. The main motivation for our approach is that malicious behaviour (e.g., a new form of threat) is very often hard to specify directly, but it can be characterized by a set of undesired symptoms. The main contribution of this paper refers to several new mechanisms for monitoring Virtual Machines and further experimental work targeting efficient ways of visiting VMs in order to discover malicious symptoms.

KW - Cloud computing, Reduce-Max

KW - Cloud monitoring

KW - Malicious behaviour

KW - Network patrolling

KW - Virtual Machines

UR - http://www.scopus.com/inward/record.url?scp=84964296351&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84964296351&partnerID=8YFLogxK

U2 - 10.1109/CIT/IUCC/DASC/PICOM.2015.257

DO - 10.1109/CIT/IUCC/DASC/PICOM.2015.257

M3 - Conference contribution

AN - SCOPUS:84964296351

T3 - Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015

SP - 1703

EP - 1710

BT - Proceedings - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015

A2 - Atzori, Luigi

A2 - Jin, Xiaolong

A2 - Jarvis, Stephen

A2 - Liu, Lei

A2 - Calvo, Ramon Aguero

A2 - Hu, Jia

A2 - Min, Geyong

A2 - Georgalas, Nektarios

A2 - Wu, Yulei

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 15th IEEE International Conference on Computer and Information Technology, CIT 2015, 14th IEEE International Conference on Ubiquitous Computing and Communications, IUCC 2015, 13th IEEE International Conference on Dependable, Autonomic and Secure Computing, DASC 2015 and 13th IEEE International Conference on Pervasive Intelligence and Computing, PICom 2015

Y2 - 26 October 2015 through 28 October 2015

ER -

Efficient discovery of malicious symptoms in clouds via monitoring virtual machines

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

UN SDGs

Access to Document

Other files and links

Fingerprint

Cite this