Extension of Research on Security as a Service for VMs in IaaS Platform
To satisfy security concerns including infrastructure as a service (IaaS) security framework, security service access, network anomaly detection, and virtual machine (VM) monitoring, a layered security framework is built which composes of a physical layer, a virtualization layer, and a security mana...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi-Wiley
2020-01-01
|
| Series: | Security and Communication Networks |
| Online Access: | http://dx.doi.org/10.1155/2020/8538519 |
| Summary: | To satisfy security concerns including infrastructure as a service (IaaS) security framework, security service access, network anomaly detection, and virtual machine (VM) monitoring, a layered security framework is built which composes of a physical layer, a virtualization layer, and a security management layer. Then, two security service access methods are realized for various security tools from the perspective of whether security tools generate communication traffic. One without generating traffic employs the VM traffic redirection technology and the other leveraged the mechanism of multitasking process access. Moreover, a stacked LSTM-based network anomaly detection agentless method is proposed, which has advantages of a higher ratio of precision and recall. Finally, a Hypervisor-based agentless monitoring method for VMs based on dynamic code injection is proposed, which has benefits of high security of the external monitoring method and good context analysis of the internal monitoring mechanism. The experimental results demonstrate the effectiveness of the proposed protection framework and the corresponding security mechanisms, respectively. |
|---|---|
| ISSN: | 1939-0114 1939-0122 |