Quantifying the Attack Detection Accuracy of Intrusion Detection Systems in Virtualized Environments

机译：量化虚拟环境中入侵检测系统的攻击检测精度

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

With the widespread adoption of virtualization, intrusion detection systems (IDSes) are increasingly being deployed in virtualized environments. When securing an environment, IT security officers are often faced with the question of how accurate deployed IDSes are at detecting attacks. To this end, metrics for assessing the attack detection accuracy of IDSes have been developed. However, these metrics are defined with respect to a fixed set of hardware resources available to the tested IDS. Therefore, IDSes deployed in virtualized environments featuring elasticity (i.e., on-demand allocation or deallocation of virtualized hardware resources during system operation) cannot be evaluated in an accurate manner using existing metrics. In this paper, we demonstrate the impact of elasticity on IDS attack detection accuracy. In addition, we propose a novel metric and measurement methodology for accurately quantifying the accuracy of IDSes deployed in virtualized environments featuring elasticity. We demonstrate their practical use through case studies involving commonly used IDSes.

机译：随着虚拟化的广泛采用，入侵检测系统（IDS）越来越多地部署在虚拟化环境中。在保护环境时，IT安全人员经常面临这样一个问题，即已部署的IDS在检测攻击方面的准确性如何。为此，已经开发了用于评估IDS的攻击检测准确性的度量。但是，这些指标是针对可用于测试的IDS的一组固定的硬件资源定义的。因此，无法使用现有指标以准确的方式评估部署在具有弹性（即按需分配或在系统运行期间对虚拟化硬件资源进行重新分配）的虚拟化环境中的IDS。在本文中，我们演示了弹性对IDS攻击检测准确性的影响。此外，我们提出了一种新颖的度量和测量方法，用于准确量化部署在具有弹性的虚拟环境中的IDS的准确性。我们通过涉及常用IDS的案例研究证明了它们的实际用途。

著录项

来源
《IEEE International Symposium on Software Reliability Engineering》|2016年|276-286|共11页
会议地点
作者
Aleksandar Milenkoski; K. R. Jayaram; Nuno Antunes; Marco Vieira; Samuel Kounev;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Measurement; Elasticity; Virtual machine monitors; Hardware; Transient analysis; Intrusion detection;

机译：测量;弹性;虚拟机监视器;硬件;瞬态分析;入侵检测;

相似文献

外文文献
中文文献
专利

1. Virtualization in Intrusion Detection Systems: A Study on Different Approaches for Cloud Computing Environments [J] . Josenilson Dias Araujo, Zair Abdelouahab International journal of computer science and network security . 2013,第11期

机译：入侵检测系统中的虚拟化：针对云计算环境的不同方法的研究
2. Virtualization in Intrusion Detection Systems: A Study on Different Approaches for Cloud Computing Environments [J] . Josenilson Dias Ara?jo, Zair Abdelouahab International journal of computer science and network security . 2012,第11期

机译：入侵检测系统中的虚拟化：针对云计算环境的不同方法的研究
3. Secure intrusion detection and attack measure selection in virtual network systems [J] . S. Uvaraj, S. Suresh, N. Kannaiya Raja Advances in Networks . 2013,第2期

机译：虚拟网络系统中的安全入侵检测和攻击措施选择
4. Quantifying the Attack Detection Accuracy of Intrusion Detection Systems in Virtualized Environments [C] . Aleksandar Milenkoski, K. R. Jayaram, Nuno Antunes, International Symposium on Software Reliability Engineering . 2016

机译：量化虚拟化环境中入侵检测系统的攻击检测准确性
5. A novel Intrusion Detection System (IDS) architecture: Attack detection based on Snort for multistage attack scenarios in a multi-cores environment [D] . Pagna Disso de Muila, Jules Ferdinand 2010

机译：一种新颖的入侵检测系统（IDS）架构：基于Snort的攻击检测可在多核环境中进行多阶段攻击
6. Fusion of Heterogeneous Intrusion Detection Systems for Network Attack Detection [O] . Jayakumar Kaliappan, Revathi Thiagarajan, Karpagam Sundararajan 2015

机译：融合用于网络攻击检测的异构入侵检测系统
7. A novel intrusion detection system (IDS) architecture. Attack detection based on snort for multistage attack scenarios in a multi-cores environment. [O] . Pagna Disso Jules Ferdinand 2010

机译：一种新颖的入侵检测系统（IDS）架构。针对多核环境中的多阶段攻击方案，基于snort的攻击检测。

Quantifying the Attack Detection Accuracy of Intrusion Detection Systems in Virtualized Environments

摘要

著录项

相似文献

相关主题

期刊订阅