Abstract
The normal operation of virtual machine is a necessity for supporting cloud service. Motivated by the great desire of automated abmornal operation detection, this paper proposes a Hidden Markov Model-based method to conduct anomaly detection of virtual machine. This model can depict normal outline base of virtual machine operation and detect system outliers through calculating non-match rate. Through verifying the method in a real distributed environment, experiment results indicate that this method has 1.1%–4.9% better detection accuracy compared with two leading benchmarks with a much better efficiency.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Goldberg, R.P.: Survey of virtual machine research. Computer 7, 34–45 (1974)
Rabiner, L.R.: A tutorial on Hidden Markov models and selected applications in speech recognition, 77(2), 257–286 (1989)
Smith, R., Bivens, A., Embrechts, M., Palagiri, C., Szymanski, B.: Clustering approaches for anomaly based intrusion detection. In: Proceedings of Intelligent Engineering Systems Through Artificial Neural Networks, pp. 579–584 (2002)
Breunig, M.M., Kriegel, H.-P., Ng, R.T., Sander, J.: LOF: identifying density-based local outliers. In: ACM Sigmod Record, pp. 93–104. ACM
Sani, Y., Mohamedou, A., Ali, K., Farjamfar, A., Azman, M., Shamsuddin, S.: An overview of neural networks use in anomaly intrusion detection systems. In: 2009 IEEE Student Conference on Research and Development (SCOReD), pp. 89–92. IEEE (2009)
Tylman, W.: Anomaly-based intrusion detection using Bayesian networks. In: Third International Conference on Dependability of Computer Systems, DepCos-RELCOMEX 2008, pp. 211–218. IEEE (2008)
Welch, L.R.: Hidden Markov models and the Baum-Welch algorithm. IEEE Inf. Theory Soc. Newsl. 53, 10–13 (2003)
Forney, G.D.: The viterbi algorithm. Proc. IEEE 61, 268–278 (1973)
Chandola, V., Banerjee, A., Kumar, V.: Anomaly detection: a survey. ACM Comput. Surv. (CSUR) 41, 15 (2009)
Hirai, Y.: Defining the Ethereum virtual machine for interactive theorem provers. In: Brenner, M., et al. (eds.) FC 2017. LNCS, vol. 10323, pp. 520–535. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70278-0_33
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Shi, C., Yu, J. (2019). A Hidden Markov Model-Based Method for Virtual Machine Anomaly Detection. In: Steinfeld, R., Yuen, T. (eds) Provable Security. ProvSec 2019. Lecture Notes in Computer Science(), vol 11821. Springer, Cham. https://doi.org/10.1007/978-3-030-31919-9_24
Download citation
DOI: https://doi.org/10.1007/978-3-030-31919-9_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-31918-2
Online ISBN: 978-3-030-31919-9
eBook Packages: Computer ScienceComputer Science (R0)