Title

Botnet Detection in Cloud-computing Environments

Funding Agency

UNO Office of Research and Sponsored Programs (ORSP) - SCoRe (Stimulating Competitive Research)

Amount

$12,000

Starting date

5-1-2014

Duration

3 months

Abstract

Botnet detection is an important problem in cyber security. This proposal particularly aims to develop botnet detection techniques for a cloud-computing environment that utilizes virtualization and runs several guest virtual machines (VMs) on a physical machine. The proposed project aims to use virtual machine introspection to examine the system resources of virtual machines from a privileged VM without running any component inside the guest VMs. The approach offers scalability in that it obtains data (of network and system activities) from multiple VMs and analyzes and correlates them for botnet detection without incurring any explicit overhead on guest VMs. The research will take advantage of both signature and anomaly detection paradigm and devise algorithms such as to monitor invariant artifacts and process specific anomalies in a guest VM.

Document Type

Metadata Only

This document is currently not available here.

Share

COinS