Abstract
Cloud computing is gradually becoming the most popular option of Information Technology infrastructures. However, an important issue that has emerged through that revolution is the preservation of an adequate level of security for the infrastructure and the confrontation of malicious insiders. This paper proposes a methodology for detecting the co-residency attack in the kernel layer of a Xen-based cloud environment, using an implementation of the Smith–Waterman genetic algorithm. The proposed approach has been explored in a test bed environment, producing results that verify its effectiveness.
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-014-0255-8/MediaObjects/10207_2014_255_Fig1_HTML.gif)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs10207-014-0255-8/MediaObjects/10207_2014_255_Fig2_HTML.gif)
Similar content being viewed by others
References
Douligeris, C., Mitrokotsa, A.: DDoS attacks and defense mechanisms: classification and state-of-the-art. Comput. Netw. 44(5), 643–666 (2004)
Orgill, G.L., Romney, G.W., Bailey, M.G., Orgill, P.M.: The urgency for effective user privacy-education to counter social engineering attacks on secure computer systems. In: Proceedings of the Conference on Information Technology Education, CITC5 (2004)
Krutz, R.L., Vines, R.D.: Cloud Security: A comprehensive guide to secure Cloud Computing. Wiley, New York (2010)
Catteddu, D.: Cloud computing: benefits, risks and recommendations for information security. In: Serrão, C., Aguilera, V., Cerullo, F. (eds.) Web Application Security. Communications in Computer and Information Science, vol. 72, p 17. Springer, Berlin, Heidelberg (2010)
Kandias, M., Virvilis, N., Gritzalis, D.: The insider threat in cloud computing. In: Wolthusen S., et al. (eds.) Proceedings of the 6th International Conference on Critical Infrastructure Security (CRITIS-2011), pp. 95–106. Springer, Switzerland, September 2011
Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: ACM CCS, Chicago (2009)
Roschke, S., Cheng, F., Meinel, C.: An advanced IDS management architecture. J. Inf. Assur. Secur. 5, 246–255 (2010)
http://blog.xen.org/index.php/2013/07/09/xen-4-3-0-released/
Smith, T., Waterman, M.: Identification of common molecular subsequences. J. Mol. Biol. (1981)
Xiao, Z., Xiao, Y.: Security and Privacy in Cloud Computing, Communications Surveys and Tutorials, vol. 99, pp. 1–17. IEEE (2012)
Nmap: http://nmap.org/
Hping: http://www.hping.org/
Bates, A.: Dtecting Cloud Co-Residency with Network Flow Watermarking Techniques. MSC Thesis, University of Oregon, September 2012
Zhang, Y., Juels, A., Oprea, A., Reiter, A.: HomeAlone: co-residency detection in the cloud via side-channel analysis. Security and Privacy IEEE Symposium (2011)
Mundada, Y., Ramachndran, A., Feamster, N.: SilverLine: data and network isolation for cloud services. In: Proceedings of the USENIX Workshop on Hot Topics in Cloud Computing (HotCloud) (2011)
Mazzariello, C., Bifulco, R., Canonico, R.: Integrating a network IDS into an open source cloud computing environment. In: Sixth International Conference on Information Assurance and Security (2010)
Schulter, A., Vieira, K., Westphal, C., Westaphal, C., Abderrrahim, S.: Intrusion detection for computational grids. In: Proceedings 2nd Internationall Conference New Technologies Mobility, and Security. IEEE Press (2008)
Cheng, F., Roschke, S., Meinel, C.: Implementing IDS management on lock-keeper. In: Proceedings of 5th Information Security Practice and Experience Conference (ISPEC 09), LNCS 5451, pp. 360–371. Springer (2009)
Cheng, F., Roschke, S., Meinel, C.: An advanced IDS management architecture. J. Inf. Assur. Secur. Dynamic Publishers Inc., vol. 51, pp. 246–255, Atlanta, GA 30362, USA, ISSN 1554–1010, Jan 2010
Cheng, F., Roschke, S., Meinel, C.: Intrusion detection in the cloud. In: Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing, China (2009)
Bharadwaja, S., Sun, W., Niamat, M., Shen, F.: Collabra: axen hypervisor based collaborative intrusion detection system. In: Proceedings of the 8th International Conference on Information Technology: New Generations (ITNG 11), pp. 695–700. Las Vegas, Nev, USA (2011)
Hoang, C.: Protecting Xen hypercalls. MSC thesis, University of British Columbia July (2009)
Backtrack: http://www.backtrack-linux.org/
Douglas, J.E.: http://www.imdb.com/name/nm0235123/bio
Linux Audit: http://www.la-samhna.de/library/audit.html
OpenSuse: http://www.opensuse.org/
KVM: http://www.techopedia.com/definition/28437/kernel-based-virtual-machine-kvm
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Pitropakis, N., Pikrakis, A. & Lambrinoudakis, C. Behaviour reflects personality: detecting co-residence attacks on Xen-based cloud environments. Int. J. Inf. Secur. 14, 299–305 (2015). https://doi.org/10.1007/s10207-014-0255-8
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-014-0255-8