Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - Assessing the impact of intra-cloud live migration on anomaly detection
AU - Shirazi, Syed Noor Ul Hassan
AU - Simpson, Steven
AU - Marnerides, Angelos
AU - Watson, Michael
AU - Mauthe, Andreas
AU - Hutchison, David
PY - 2014/10
Y1 - 2014/10
N2 - Virtualized cloud environments have emerged as a necessity within modern unified ICT infrastructures and have established themselves as a reliable backbone for numerous always-on services. `Live' intra-cloud virtual-machine (VM) migration is a widely used technique for efficient resource management employed within modern cloud infrastructures. Despite the benefits of such functionality, there are still several security issues which have not yet been thoroughly assessed and quantified. We investigate the impact of live virtual-machine migration on state-of-the-art anomaly detection (AD) techniques (namely PCA and K-means), by evaluating live migration under various attack types and intensities. We find that the performance for both detectors degrades as shown by their Receiver Operating Characteristics (ROC) curves when intra-cloud live migration is initiated while VMs are under a netscan (NS) or a denial-of-service (DoS) attack.
AB - Virtualized cloud environments have emerged as a necessity within modern unified ICT infrastructures and have established themselves as a reliable backbone for numerous always-on services. `Live' intra-cloud virtual-machine (VM) migration is a widely used technique for efficient resource management employed within modern cloud infrastructures. Despite the benefits of such functionality, there are still several security issues which have not yet been thoroughly assessed and quantified. We investigate the impact of live virtual-machine migration on state-of-the-art anomaly detection (AD) techniques (namely PCA and K-means), by evaluating live migration under various attack types and intensities. We find that the performance for both detectors degrades as shown by their Receiver Operating Characteristics (ROC) curves when intra-cloud live migration is initiated while VMs are under a netscan (NS) or a denial-of-service (DoS) attack.
U2 - 10.1109/CloudNet.2014.6968968
DO - 10.1109/CloudNet.2014.6968968
M3 - Conference contribution/Paper
SN - 9781479927302
SP - 52
EP - 57
BT - Proceedings of 3rd IEEE International Conference on Cloud Networking, IEEE CloudNet 2014
PB - IEEE
ER -