Towards Targeted Intrusion Detection Deployments in Cloud Computing

Norman Ahmed
Bharat Bhargava

Abstract

Preventing security violations, or collecting dependable system audit trails for use after an incident, requires successful anomaly-based detection of abnormal or intrusive activity. However, properly positioning the necessary tools for maximum detection can be inelegant and limited for systems that can be created and destroyed on demand, such as the cloud. In this paper, we present a simplified taxonomy to aid targeted intrusion detection system deployments in cloud platforms. To illustrate the effectiveness of the proposed approach, we show two stealthy intrusion schemes and a preventive and adoptable detection strategy using Virtual Machine Introspection in a realistic use case scenario.

How to Cite
Norman Ahmed, & Bharat Bhargava. (2015). Towards Targeted Intrusion Detection Deployments in Cloud Computing. International Journal of Next-Generation Computing, 6(2), 129–139. https://doi.org/10.47164/ijngc.v6i2.82
