Abstract | ||
---|---|---|
Analyze the disadvantages of KVM original network connection modes, and design the third network connection mode: NAT + Bridge mode. For the malicious virtual machines in user mode are difficult to detect and locate in normal way, the article proposes a strategy for detecting TCP DDOS attack based on an improved CUSUM algorithm in the KVM. This strategy detects attack of virtual machines in user mode indirectly by treating the user mode as an independent virtual machine, and determine the suspicious virtual machines in accordance with the abnormal behavior of the process, and then dynamically migrate the suspicious virtual machine to a independent NAT + bridged network environment, then detect the attack of every virtual machine in the independent network environment based on the improved CUSUM algorithm. |
Year | DOI | Venue |
---|---|---|
2012 | 10.1109/ICIS.2012.105 | ACIS-ICIS |
Keywords | Field | DocType |
bridge mode,virtual machine,network connection mode,improved cusum algorithm,kvm original network connection,kvm virtual machine environment,malicious virtual machine,tcp ddos attack detection,suspicious virtual machine,user mode,independent virtual machine,bridged network environment,algorithm design and analysis,cloud computing,ddos attack,computer network security,algorithm design,transport protocols,virtual machines | CUSUM,Virtual machine,Algorithm design,Denial-of-service attack,Computer science,Temporal isolation among virtual machines,Network security,Bridging (networking),Computer network,Cloud computing | Conference |
Citations | PageRank | References |
1 | 0.36 | 4 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Zhuang Wei | 1 | 1 | 0.36 |
Gui Xiaolin | 2 | 237 | 46.40 |
Huang Ru Wei | 3 | 1 | 0.36 |
Yu Si | 4 | 12 | 2.88 |