Behavioral modeling for suspicious process detection in cloud computing environments

Proceedings - IEEE International Conference on Mobile Data Management

Volumn 2, Issue , 2013, Pages 177-181

  Dolgikh, Andrey ^a   Birnbaum, Zachary ^a   Chen, Yu ^a   Skormin, Victor ^a  

^a State University of New York   (United States)

Author keywords

Behavioral Modeling; Cloud Computing Security; Multi Tenancy; Suspicious Process Detection

Indexed keywords

BEHAVIORAL MODEL; CLOUD COMPUTING SECURITIES; EFFECTIVENESS AND EFFICIENCIES; EFFICIENT RESOURCE ALLOCATION; INTRUSION DETECTION TECHNOLOGIES; MULTI TENANCIES; ON-DEMAND RESOURCE PROVISIONING; PROCESS DETECTION;

CLOUD COMPUTING; INFORMATION MANAGEMENT;

COMPUTER SYSTEMS;

EID: 84883514167     PISSN: 15516245     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MDM.2013.90     Document Type: Conference Paper

References (19)

1. A. M. Azab, P. Ning, Z. Wang, X. Jiang, X. Zhang, N. C. Skalsky, "HyperSentry: Enabling Stealthy Incontext Measurement of Hypervisor Integrity," in Proc. of the 17th ACM Conference on Computer and Communications Security, pp. 38-49, 2010.
2. L. Badger, T. Grance, R. Patt-Corner, and J. Voas, "NIST special publication 800-146, draft cloud computing synopsis and recommendations," National Institute of Standards and Technology, 2011.
3. R. Houlihan, and X. Du, "An Effective Auditing Scheme for Cloud Computing," in Proc. of IEEE GLOBECOM 2012, Anaheim, CA, USA, Dec. 2012.
4. J. M. McCune, Y. Li, N. Qu, Z. Zhou, A. Datta, V. Gligor, and A. Perrig, "TrustVisor: Efficient TCB reduction and attestation," in Proceedings of the IEEE Symposium on Security and Privacy, May 2010.
5. J. McCune, B. Parno, A. Perrig, M. Reiter, and H. Isozaki, "Flicker: An execution infrastructure for TCB minimization," in Proc. of the ACM European Conference on Computer Systems (EuroSys), March/April 2008.
6. N. L. Petroni, T. Fraser, J. Molina, and W. A. Arbaugh, "Copilot-a coprocessor-based kernel runtime integrity monitor," in Proc. of the 13th USENIX Security Symposium, pp. 13, 2004.
7. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, "Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds," In Proceedings of the 16th ACM conference on Computer and communications security, pp. 199-212. ACM, 2009.
8. J. Rutkowska, "Beyond the CPU: Defeating Hardware Based RAM Acquisition Tools," Blackhat, February 2007.
9. J. Szefer, E. Keller, R.B. Lee, and J. Rexford, "Eliminating the hypervisor attack surface for a more secure cloud," ACM CCS, 2011.
10. V. Varadarajan, T. Kooburat, B. Farley, T. Ristenpart, and M.M. Swift, "Resource-freeing attacks: improve your cloud performance (at your neighbor's expense)," ACM CCS, 2012.
11. J. Wang, A. Stavrou, and A. K. Ghosh, "HyperCheck: A hardwareassisted integrity monitor," in Proc. of the 13th International Symposium on Recent Advances in Intrusion Detection (RAID10), September 2010.
12. R. Wojtczuk and J. Rutkowska, "Xen 0wning trilogy," in Proc. Black Hat conference, 2008.
13. Y. Zhang, A. Juels, M.K. Reiter, and T. Ristenpart, "Cross-VM side channels and their use to extract private keys," ACM CCS, 2012.
14. Metasploitable, http://sourceforge.net/projects/metasploitable/.
15. Metasploit, http://www.metasploit.com/.
16. Backtrack-Linux, http://www.backtrack-linux.org/.
17. Gephi, Available: https://gephi.org.
18. Open Mobile Terminal Platform Alliance, "OMTP Approved Deliverables," 2010, http://www.omtp.org/approved.html.
19. Intel and NTT DoCoMo, "Open and Secure Terminal Initiative (OSTI) Architecture Specification V1.0," 2006.