Title :
VNIDS: A virtual machine-based network intrusion detection system
Author :
Zhao, Feng ; Yang, Weiping ; Jin, Hai ; Wu, Song
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan
Abstract :
In recent years, virtualization technology has been widely applied to traditional computing environment. As it provides strong flexibility, the security in face of attacks to network services becomes a significant challenge. In this paper, we propose a novel architecture to detect intrusion in virtual computing environment and implement a prototype, named VNIDS. In this system, a particular VM is designed to provide intrusion detection services for other VMs. Especially, the rule list can be constructed dynamically for each virtual machine respectively. Moreover, the data detector, which is the core component of VNIDS and isolated from the target virtual machines, has a good view about the state of the target virtual machines. Additionally, in order to transmit the detection information generated by the VNIDS to the target VM, a cross-domain communication module is introduced. Finally, we use a series of intrusion tools to validate VNIDS and the experiment results indicate that it can detect attacks effectively.
Keywords :
security of data; virtual machines; VNIDS; network intrusion detection system; virtual computing environment; virtual machine; virtualization technology; Computer architecture; Computer networks; Computer science; Condition monitoring; Face detection; Intrusion detection; Virtual machine monitors; Virtual machining; Virtual manufacturing; Voice mail; intrusion detection; virtual machine;
Conference_Titel :
Anti-counterfeiting, Security and Identification, 2008. ASID 2008. 2nd International Conference on
Conference_Location :
Guiyang
Print_ISBN :
978-1-4244-2584-6
Electronic_ISBN :
978-1-4244-2585-3
DOI :
10.1109/IWASID.2008.4688384
