Botnet Detection in Cloud-computing Environments
UNO Office of Research and Sponsored Programs (ORSP) - SCoRe (Stimulating Competitive Research)
Botnet detection is an important problem in cyber security. This proposal particularly aims to develop botnet detection techniques for a cloud-computing environment that utilizes virtualization and runs several guest virtual machines (VMs) on a physical machine. The proposed project aims to use virtual machine introspection to examine the system resources of virtual machines from a privileged VM without running any component inside the guest VMs. The approach offers scalability in that it obtains data (of network and system activities) from multiple VMs and analyzes and correlates them for botnet detection without incurring any explicit overhead on guest VMs. The research will take advantage of both signature and anomaly detection paradigm and devise algorithms such as to monitor invariant artifacts and process specific anomalies in a guest VM.
Ahmed, Irfan, "Botnet Detection in Cloud-computing Environments" (2014). Computer Science - Grants and Contracts. Paper 13.