A Novel Security Analysis for Virtualized Infrastructure using Fuzzy Classification Approach in Cloud Computing

Siddthan R., Dr. Nagarajan A.
2018 International Journal of Engineering and Technology  
Virtualized infrastructure has become an attractive target for cyber attackers launching advanced attacks in cloud computing. Several existing techniques are used to predict attacks in cloud data, and they do so effectively and efficiently, but it remains difficult to classify cloud data as normal or attacker data. Hence, this work proposes a novel security analysis of big data using a classification approach for detecting and classifying advanced attacks in virtualized infrastructures. Network logs and user application logs are gathered from the guest virtual machines (VMs) and stored in the Hadoop Distributed File System (HDFS). Attack features are extracted using graph-based event correlation, and possible attack paths are identified with a MapReduce parser. The presence of an attack is then determined by two-phase machine learning: logistic regression calculates the conditional probabilities of an attack with respect to the attributes, and belief propagation calculates the belief in the attack's presence based on them. Finally, a fuzzy classification approach classifies the data as normal or attacker data. The performance of the proposed approach is assessed using well-known malware and compared with existing security approaches for virtualized infrastructure. The experimental analysis reveals that our approach performs better in identifying and classifying attacks, with high efficiency and reduced performance overhead.

Keywords: Cloud Computing, Big Data, Hadoop and MapReduce, Virtual Machine Security, Fuzzy Classification.

I. INTRODUCTION

Due to the rapid growth and popularity of processing and storage technologies, and the success of the internet, computing resources have become cheaper and more ubiquitously available. This is referred to as cloud computing, which meets the requirements of present and upcoming information and communication technology [1]. Cloud computing is recognized as a model that offers computing resources on a pay-per-use basis by configuring those resources dynamically to accommodate varying workload needs. This is achieved through virtualization [2].
Virtualized infrastructure is composed of virtual machines (VMs) that depend on the software-defined multi-instance resources of the hosting hardware. The software-defined multi-instance architecture is managed, sustained and regulated by the virtual machine monitor, also referred to as the hypervisor. The extensive use of virtualized infrastructures has become a substantial foundation for cloud computing services because it allows various computing resources to be pooled and enables on-demand resource scaling [3]. This makes virtualized infrastructures an interesting target for cyber attackers seeking illegal access by launching attacks. Some degrading attacks, such as Virtualized Environment Neglected Operations Manipulation (VENOM), exploit software issues in the source code of the hypervisor, which helps an attacker escape from a guest VM and access the underlying hypervisor. Issues in the operating system arising from attacks such as Heartbleed and Shellshock can also be used against the virtualized infrastructure to obtain login information for the guest VMs and to perform Distributed Denial of Service (DDoS) attacks.
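The two-phase scoring and fuzzy classification summarized in the abstract can be sketched as follows; this is an added example, not code from the paper. It assumes a star-shaped graph (one hidden "attack" node with one leaf per attribute, where belief propagation is exact), and the attribute names, model weights, prior and membership breakpoints are all constructed for illustration.

```python
import math

# Constructed per-attribute logistic models (bias, weight); values are illustrative only.
MODELS = {
    "failed_logins": (-4.0, 0.6),
    "new_outbound_ports": (-3.5, 0.9),
    "priv_escalations": (-5.0, 2.5),
}
PRIOR = 0.05  # assumed base rate of attack among correlated event sets


def conditional(attr, value):
    """Phase 1: P(attack | attribute = value) from a one-feature logistic model."""
    bias, weight = MODELS[attr]
    return 1.0 / (1.0 + math.exp(-(bias + weight * value)))


def belief(observations, prior=PRIOR):
    """Phase 2: sum-product on a star graph (hidden 'attack' node, one leaf per
    attribute). Each leaf sends its likelihood ratio: posterior odds / prior odds."""
    prior_logit = math.log(prior / (1.0 - prior))
    log_odds = prior_logit
    for attr, value in observations.items():
        p = min(max(conditional(attr, value), 1e-9), 1.0 - 1e-9)
        log_odds += math.log(p / (1.0 - p)) - prior_logit
    return 1.0 / (1.0 + math.exp(-log_odds))


def fuzzy_classify(b):
    """Overlapping ramp memberships over the belief; label is the stronger set."""
    clamp = lambda x: min(max(x, 0.0), 1.0)
    degrees = {"normal": clamp((0.6 - b) / 0.4), "attack": clamp((b - 0.4) / 0.4)}
    label = "attack" if degrees["attack"] > degrees["normal"] else "normal"
    return label, degrees


if __name__ == "__main__":
    samples = {  # constructed feature vectors, one per guest VM
        "vm-a": {"failed_logins": 1, "new_outbound_ports": 0, "priv_escalations": 0},
        "vm-b": {"failed_logins": 8, "new_outbound_ports": 4, "priv_escalations": 2},
    }
    for vm, obs in samples.items():
        b = belief(obs)
        print(vm, round(b, 4), fuzzy_classify(b))
```

Beliefs between 0.4 and 0.6 carry non-zero membership in both sets, which is the band an analyst would route to manual review rather than auto-label.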
doi:10.21817/ijet/2018/v10i4/181004043 fatcat:gy2uljdnofct5fbkmewxknu7b4