Abstract
The normal operation of virtual machine is a necessity for supporting cloud service. Motivated by the great desire of automated abmornal operation detection, this paper proposes a Hidden Markov Model-based method to conduct anomaly detection of virtual machine. This model can depict normal outline base of virtual machine operation and detect system outliers through calculating non-match rate. Through verifying the method in a real distributed environment, experiment results indicate that this method has 1.1%–4.9% better detection accuracy compared with two leading benchmarks with a much better efficiency.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Goldberg, R.P.: Survey of virtual machine research. Computer 7, 34–45 (1974)
Rabiner, L.R.: A tutorial on Hidden Markov models and selected applications in speech recognition, 77(2), 257–286 (1989)
Smith, R., Bivens, A., Embrechts, M., Palagiri, C., Szymanski, B.: Clustering approaches for anomaly based intrusion detection. In: Proceedings of Intelligent Engineering Systems Through Artificial Neural Networks, pp. 579–584 (2002)
Breunig, M.M., Kriegel, H.-P., Ng, R.T., Sander, J.: LOF: identifying density-based local outliers. In: ACM Sigmod Record, pp. 93–104. ACM
Sani, Y., Mohamedou, A., Ali, K., Farjamfar, A., Azman, M., Shamsuddin, S.: An overview of neural networks use in anomaly intrusion detection systems. In: 2009 IEEE Student Conference on Research and Development (SCOReD), pp. 89–92. IEEE (2009)
Tylman, W.: Anomaly-based intrusion detection using Bayesian networks. In: Third International Conference on Dependability of Computer Systems, DepCos-RELCOMEX 2008, pp. 211–218. IEEE (2008)
Welch, L.R.: Hidden Markov models and the Baum-Welch algorithm. IEEE Inf. Theory Soc. Newsl. 53, 10–13 (2003)
Forney, G.D.: The viterbi algorithm. Proc. IEEE 61, 268–278 (1973)
Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41, 15 (2009)
Hirai, Y.: Defining the Ethereum virtual machine for interactive theorem provers. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 520–535. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_33
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Shi, C., Yu, J. (2019). A Hidden Markov Model-Based Method for Virtual Machine Anomaly Detection. In: Steinfeld, R., Yuen, T. (eds) Provable Security. ProvSec 2019. Lecture Notes in Computer Science(), vol 11821. Springer, Cham. https://doi.org/10.1007/978-3-030-31919-9_24
Download citation
DOI: https://doi.org/10.1007/978-3-030-31919-9_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-31918-2
Online ISBN: 978-3-030-31919-9
eBook Packages: Computer ScienceComputer Science (R0)