Hypervisor based Intrusion Detection and Prevention System for Cloud Environment
Cloud computing has recently gained significant scope in the area of IT and networking services, but the technology suffers from insufficient development of its security methods. Cloud computing basically provides services such as infrastructure, software, and platform. Cloud security must be guaranteed, and its monitoring services must be carefully designed using the necessary intrusion detection and prevention techniques. In a cloud environment, hypervisors and virtual machines (VMs) are especially significant for protecting data from any attacker. A hypervisor, or virtual machine monitor, is software, firmware or hardware that creates and runs VMs. A computer on which the hypervisor runs one or more VMs is called a host machine, whereas the VMs are called guest machines. Cloud providers use virtualization to share resources, which are available at two levels, i.e. VM and hypervisor. In many infrastructures, the cloud virtual machines are shared with other organizations' virtual machines as a service. In this paper, we have implemented a hypervisor-based Intrusion Detection and Prevention System for Cloud Environment. The hypervisor-based architecture is the most promising and has greatly improved user VM security. This method can detect and eradicate rootkits and other types of attacks. Tests covering both Linux- and Windows-based rootkits, DoS attacks, and file integrity verification were performed, and they were successfully detected.