Title: ProvIntSec: a provenance cognition blueprint ensuring integrity and security for real life open source cloud
Authors: Asif Imran; Alim Ul Gias; Rayhanur Rahman; Kazi Sakib
Addresses: Institute of Information Technology (IIT), University of Dhaka, Ramna, Dhaka-1000, Bangladesh ' Institute of Information Technology (IIT), University of Dhaka, Ramna, Dhaka-1000, Bangladesh ' Institute of Information Technology (IIT), University of Dhaka, Ramna, Dhaka-1000, Bangladesh ' Institute of Information Technology (IIT), University of Dhaka, Ramna, Dhaka-1000, Bangladesh
Abstract: The distributed nature and growing demand for open source cloud makes the system an ideal target for malicious attacks and unauthorised file transfers. Requirements of provenance cognition scheme can come forward to solve the problem. However, such mechanisms of provenance detection has been considered to a limited extent for open source cloud computing. ProvIntSec is a novel mechanism that ensures effective collection of provenance information from a large pool of virtual machine (VM) instances on open source cloud platform. ProvIntSec captures critical system journals from VM instances and pattern matches those with predefined signatures to detect the presence of malicious activities. In addition, ProvIntSec identifies the Linux process trees to determine unauthorised file movements across different nodes. The experiments were executed in OpenStack Essex cloud environment running on real life system, and standard metrics were used to calculate the results. The obtained results show average precision values of 92.81% and 81.24% for malware detection and unauthorised file transfers respectively. At the same time, cumulative performance gains of 0.3991 and 8.77 are obtained. Upon comparison of the obtained results with benchmarks, ProvIntSec shows desirable gain in performance.
Keywords: provenance cognition blueprint; cloud computing; cloud security; cloud integrity; performance evaluation; open source cloud; malicious attacks; unauthorised file transfers; provenance detection; virtual machines.
DOI: 10.1504/IJIPSI.2013.058226
International Journal of Information Privacy, Security and Integrity, 2013 Vol.1 No.4, pp.360 - 380
Published online: 19 Jul 2014 *
Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article