Abstract
Cyberattacks targeted at virtualization infrastructure underlying cloud computing services has become increasingly sophisticated. This paper presents a novel malware and rookit detection system which protects the guests against different attacks. It combines system call monitoring and system call hashing on the guest kernel together with Support Vector Machines (SVM)-based external monitoring on the host. We demonstrate the effectiveness of our solution by evaluating it against well-known user-level malware as well as kernel-level rootkit attacks.
Original language | English |
---|---|
Title of host publication | 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing |
Publisher | IEEE |
Pages | 295-300 |
Number of pages | 6 |
ISBN (Electronic) | 9781467392990 |
ISBN (Print) | 978146739297 |
DOIs | |
Publication status | Published - 4 Jan 2016 |
Keywords
- virtualization security
- cloud security
- malware detection
- rootkit detection
- support vector machine
- virtual machine introspection