The Practicality of using Virtual Machine Introspection Technique with Machine Learning Algorithms for the Detection of Intrusions in Cloud

Melvin, Alfred and Kathrine, G Jaspher and Johnraja, J Immanuel (2021) The Practicality of using Virtual Machine Introspection Technique with Machine Learning Algorithms for the Detection of Intrusions in Cloud. In: ICASISET 2020, 16-17 May 2020, Chennai, India.


Abstract

This paper presents a novel pattern generation algorithm for implementing a Virtual Machine Introspection (VMI) based Intrusion Detection System (IDS) for cloud computing. The method uses the Drakvuf VMI technique to gather the behavioral characteristics of malware and benign samples. The behavioral characteristics data are then fed to the proposed algorithm, which generates patterns in order to build the dataset. The algorithm generates a frequency distribution of each system call, a hash value based on the SHA256 algorithm for the list of file names, and a hash value based on the SHA256 algorithm for the list of process names. Finally, the generated dataset is evaluated using Machine Learning (ML) algorithms with 10-fold cross validation. It is found that the J48 (C4.5) tree classification algorithm performed well, with high detection accuracy compared to the other ML algorithms. The detection accuracy is 99.1379% for a dataset size of 232 instances. As the number of instances in the dataset was increased, the detection accuracy improved to a maximum of 100% for a dataset size of 273 instances.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: virtual machine introspection, virtual machine monitor, intrusion detection system, malware, machine learning, cloud computing
Subjects: Q Science > QA Mathematics > QA76 Computer software
Depositing User: EAI Editor III.
Date Deposited: 09 Mar 2021 09:49
Last Modified: 09 Mar 2021 09:49
URI: https://eprints.eudl.eu/id/eprint/1407
