VMProtector: Malign Process Detection for Protecting Virtual Machines in Cloud Environment

  • Conference paper
Advances in Computing and Data Sciences (ICACDS 2019)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 1045)

Abstract

Cloud computing delivers computing resources as services on a pay-as-you-go basis. It represents a shift from products being purchased to products being subscribed to as a service, delivered to consumers over the internet from a large-scale data center. The main issue with cloud services is security against attackers who can easily compromise the Virtual Machines (VMs) and the applications running on them. In this paper, we present VMProtector, a mechanism to detect malign processes that generate attacks against VMs running in the cloud. VMProtector extracts n-grams and applies the Principal Component Analysis (PCA) algorithm to select relevant n-gram patterns. It then applies a fusion technique using three classifiers, Random Forest (RF), K-Nearest Neighbour (KNN) and Logistic Regression (LR), to learn and detect the system call patterns of malign processes. The approach is implemented using the University of New Mexico (UNM) dataset and provides promising results.

Author information

Corresponding author

Correspondence to Preeti Mishra.

Copyright information

© 2019 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Mishra, P., Negi, A., Pilli, E.S., Joshi, R.C. (2019). VMProtector: Malign Process Detection for Protecting Virtual Machines in Cloud Environment. In: Singh, M., Gupta, P., Tyagi, V., Flusser, J., Ören, T., Kashyap, R. (eds) Advances in Computing and Data Sciences. ICACDS 2019. Communications in Computer and Information Science, vol 1045. Springer, Singapore. https://doi.org/10.1007/978-981-13-9939-8_32

  • DOI: https://doi.org/10.1007/978-981-13-9939-8_32

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-13-9938-1

  • Online ISBN: 978-981-13-9939-8

  • eBook Packages: Computer Science, Computer Science (R0)
