Detection of Malware Attacks on Virtual Machines for a Self-Heal Approach in Cloud Computing using VM Snapshots

Linda Joseph, Rajeswari Mukesh
2018 Journal of Communications Software and Systems  
Cloud Computing strives to be dynamic as a service oriented architecture (SoA). The services in the SoA are rendered in terms of private, public and in many other commercial domain aspects. These services should be secured and thus are very vital to the cloud infrastructure. In order, to secure and maintain resilience in the cloud, it not only has to have the ability to identify the known threats but also to new challenges that target the infrastructure of a cloud. In this paper, we introduce
more » ... d discuss a detection method of malwares from the VM memory snapshot analysis and the corresponding VM snapshots are classified into attacked and non-attacked VM snapshots. As snapshots are always taken to be a backup in the backup servers, this approach could reduce the overhead of the backup server with a self-healing capability of the VMs in the local cloud infrastructure itself without any compromised VM in the backup server. A machine learning approach is projected here to classify the attacked and non attacked snapshots. The features of the snapshots are gathered from the API calls of VM instances. Our proposed scheme has a high detection accuracy of about 93% while having the capability to classify and detect different types of malwares with respect to the VM snapshots. Finally the paper exhibits an algorithm using snapshots to detect and thus to selfheal. The self-healing approach with machine learning algorithms can determine new threats with some prior knowledge of its functionality.
doi:10.24138/jcomss.v14i3.537 fatcat:llz2cuqttfgnrei5wuboq6fvaa