ProvIntSec: a provenance cognition blueprint ensuring integrity and security for real life open source cloud Online publication date: Sat, 19-Jul-2014
by Asif Imran; Alim Ul Gias; Rayhanur Rahman; Kazi Sakib
International Journal of Information Privacy, Security and Integrity (IJIPSI), Vol. 1, No. 4, 2013
Abstract: The distributed nature and growing demand for open source cloud makes the system an ideal target for malicious attacks and unauthorised file transfers. Requirements of provenance cognition scheme can come forward to solve the problem. However, such mechanisms of provenance detection has been considered to a limited extent for open source cloud computing. ProvIntSec is a novel mechanism that ensures effective collection of provenance information from a large pool of virtual machine (VM) instances on open source cloud platform. ProvIntSec captures critical system journals from VM instances and pattern matches those with predefined signatures to detect the presence of malicious activities. In addition, ProvIntSec identifies the Linux process trees to determine unauthorised file movements across different nodes. The experiments were executed in OpenStack Essex cloud environment running on real life system, and standard metrics were used to calculate the results. The obtained results show average precision values of 92.81% and 81.24% for malware detection and unauthorised file transfers respectively. At the same time, cumulative performance gains of 0.3991 and 8.77 are obtained. Upon comparison of the obtained results with benchmarks, ProvIntSec shows desirable gain in performance.
Online publication date: Sat, 19-Jul-2014
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information Privacy, Security and Integrity (IJIPSI):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email email@example.com