An Intrusion Diagnosis Perspective on Cloud Computing

Part of the Computer Communications and Networks book series (CCN)


Cloud computing is an emerging paradigm with virtual machine as its enabling technology. As with any other Internet-based technology, security underpins widespread success of Cloud computing. However, Cloud computing introduces new challenges with respect to security mainly due to the unique characteristics inherited via virtual machine technology. In this chapter, we focus on the challenges imposed on intrusion diagnosis for Clouds due to these characteristics. In particular, we identify the importance of intrusion diagnosis problem for Clouds and the novel challenges for intrusion diagnosis for Clouds. Also, we propose a solution to address these challenges and demonstrate the effectiveness of the proposed solution with empirical evaluation.


Cloud Computing Virtual Machine Security Requirement System Call Service Level Agreement 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Amazon Elastic Computing Cloud Available at:
  2. 2.
    Google Cloud. Available at:
  3. 3.
    GoGrid: Scalable Load-Balanced Windows and Linux Cloud-Server Hosting. Available at:
  4. 4.
    Nimbus. Available at:
  5. 5.
    OpenNebula Project.
  6. 6.
    Burchard, L., M. Hovestadt, O. Kao, A. Keller, and B. Linnert: The Virtual Resource Manager: An Architecture for SLA-aware Resource Management, in the IEEE International Symposium on Cluster Computing and the Grid. 2004. p. 126–133.Google Scholar
  7. 7.
    Tal Garfinkel, Mendel Rosenblum: When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments. In the Proceedings of 10th Workshop on Hot Topics in Operating Systems, 2005 –
  8. 8.
    Junaid Arshad, Integrated Intrusion Detection and Diagnosis for Clouds. In the proceedings of Dependable Systems and Networks (DSN), Student Forum 2009.Google Scholar
  9. 9.
    John D. Strunk, Garth R. Goodson, Adam G. Pennington, Craig A. N. Soules, Gregory R. Ganger. Intrusion detection, diagnosis, and recovery with self-securing storage. Technical report CMU-CS-02-140. May 2002.Google Scholar
  10. 10.
    Junaid Arshad, Paul Townend, Quantification of Security for Compute Intensive workloads in Clouds. Submitted to International Conference on Parallel and Distributed Systems (ICPADS) 2009.Google Scholar
  11. 11.
    Stephen Northcutt and Judy Novak; Network Intrusion Detection: An Analyst’s Handbook, 3 rd edition New Riders Publishing Thousand Oaks, CA, USA ISBN:0735712654Google Scholar
  12. 12.
    Peter Mell and Karen Scarfone A Complete Guide to the Common Vulnerability Scoring System Version 2.0
  13. 13.
    IBM Systems, Virtualization version 2, release 1 available at:
  14. 14.
    Algirdas Avi zienis, Jean-Claude Laprie, Brian Randell and Carl Landwehr: Basic Concepts and Taxonomy of Dependable and Secure Computing, IEEE Transaction on Dependable And Secure Computing, Vol. 1, No. 1, January-March 2004.Google Scholar
  15. 15.
    Rick Kazman, Mark Klein, Mario Barbacci, Tom Longstaff, Howard Lipson and Jeromy Carriere The Architecture Tradeoff Analysis Method Technical Report, CMU/SEI-98-TR-008 ESC-TR-98-008 available at
  16. 16.
    Wei Jie, Junaid Arshad, Richard Sinnott and Paul Townend; Towards Shibboleth based Security for Grids – A State-of-art Review on Grid Authentication and Authorization Technology. Accepted for ACM Computing Surveys. Association for Computing Machinery 2009.Google Scholar
  17. 17.
    J. MacQueen. Some methods for classification and analysis of multivariate observations, volume 1 of Proceedings of the Fifth Berkeley Symposium on Mathematical statistics and probability, pages 281–297, Berkeley, 1967. University of California Press.Google Scholar
  18. 18.
    Quinlan, J. R. C4.5: Programs for Machine Learning. Morgan Kaufmann Publishers, 1993Google Scholar
  19. 19.
    Massimo Bernaschi, Emnuele Gabrieli, Luigi V. Mancini; Remus: a security-enhanced operating system in the proceedings of ACM Transactions on Information and System Security 2002.Google Scholar
  20. 20.
    The MathWorks – MATLAB and Simulink for Technical Computing.
  21. 21.
    Information on See5/C5.0
  22. 22.
  23. 23.
    Jinpeng Huai, Qin Li, Chunming Hu; CIVIC: A Hypervisor based Computing Environment in the Proceedings of the 2007 International Conference on Parallel Processing Workshops.Google Scholar
  24. 24.
    Paul Barham_, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauery, Ian Pratt, Andrew Warfield; Xen and the Art of Virtualization in the Proceedings of SOSP’03, October 19.22, 2003.Google Scholar

Copyright information

© Springer-Verlag London Limited 2011

Authors and Affiliations

  1. 1.School of ComputingUniversity of LeedsLeedsUK

Personalised recommendations