Title :
Assessing the impact of intra-cloud live migration on anomaly detection
Author :
Shirazi, Noor-ul-Hassan ; Simpson, Steven ; Marnerides, Angelos K. ; Watson, Michael ; Mauthe, Andreas ; Hutchison, David
Author_Institution :
InfoLab21, Lancaster Univ., Lancaster, UK
Abstract :
Virtualized cloud environments have emerged as a necessity within modern unified ICT infrastructures and have established themselves as a reliable backbone for numerous always-on services. `Live´ intra-cloud virtual-machine (VM) migration is a widely used technique for efficient resource management employed within modern cloud infrastructures. Despite the benefits of such functionality, there are still several security issues which have not yet been thoroughly assessed and quantified. We investigate the impact of live virtual-machine migration on state-of-the-art anomaly detection (AD) techniques (namely PCA and K-means), by evaluating live migration under various attack types and intensities. We find that the performance for both detectors degrades as shown by their Receiver Operating Characteristics (ROC) curves when intra-cloud live migration is initiated while VMs are under a netscan (NS) or a denial-of-service (DoS) attack.
Keywords :
cloud computing; computer network security; virtual machines; K-means; PCA; ROC curves; anomaly detection; denial-of-service attack; intracloud live migration; live intracloud virtual-machine migration; netscan; receiver operating characteristic curves; resource management; security issues; virtualized cloud environments; Computer crime; Conferences; Detectors; Entropy; Feature extraction; Principal component analysis; Vectors; Cloud computing; anomaly detection; live VM migration;
Conference_Titel :
Cloud Networking (CloudNet), 2014 IEEE 3rd International Conference on
Conference_Location :
Luxembourg
DOI :
10.1109/CloudNet.2014.6968968
