Intrusion detection techniques in cloud environment: A survey

Citation data:

Journal of Network and Computer Applications, ISSN: 1084-8045, Vol: 77, Page: 18-47

Publication Year:
2017
Usage 206
Abstract Views 166
Link-outs 40
Captures 121
Readers 115
Exports-Saves 6
Social Media 170
Shares, Likes & Comments 170
Citations 17
Citation Indexes 17
DOI:
10.1016/j.jnca.2016.10.015
Author(s):
Preeti Mishra; Emmanuel S. Pilli; Vijay Varadharajan; Udaya Tupakula
Publisher(s):
Elsevier BV
Tags:
Computer Science
review description
Security is of paramount importance in this new era of on-demand Cloud Computing. Researchers have provided a survey on several intrusion detection techniques for detecting intrusions in the cloud computing environment. Most of them provide a discussion over traditional misuse and anomaly detection techniques. Virtual Machine Introspection (VMI) techniques are very helpful in detecting various stealth attacks targeting user-level and kernel-level processes running in virtual machines (VMs) by placing the analyzing component outside the VM generally at hypervisor. Hypervisor Introspection (HVI) techniques ensure the hypervisor security and prevent a compromised hypervisor to launch further attacks on VMs running over it. Introspection techniques introspect the hypervisor by using hardware-assisted virtualization-enabled technologies. The main focus of our paper is to provide an exhaustive literature survey of various Intrusion Detection techniques proposed for cloud environment with an analysis of their attack detection capability. We propose a threat model and attack taxonomy in cloud environment to elucidate the vulnerabilities in cloud. Our taxonomy of IDS techniques represent the state of the art classification and provides a detailed study of techniques with their distinctive features. We have provided a deep insight into Virtual Machine Introspection (VMI) and Hypervisor Introspection (HVI) based techniques in the survey. Specific research challenges are identified to give future direction to researchers. We hope that our work will enable researchers to launch and dive deep into intrusion detection approaches in a cloud environment.