TY - GEN
T1 - A fuzzy-based dynamic provision approach for virtualized network intrusion detection systems
AU - Li, Bo
AU - Li, Jianxin
AU - Wo, Tianyu
AU - Wu, Xudong
AU - Arshad, Junaid
AU - Liu, Wantao
PY - 2010
Y1 - 2010
N2 - With the increasing prevalence of virtualization and cloud technologies, virtual security appliances have emerged and become a new way for traditional security appliances to be rapidly distributed and deployed in IT infrastructure. However, virtual security appliances are challenged with achieving optimal performance, as the physical resource is shared by several virtual machines, and this issue is aggravated when virtualizing network intrusion detection systems (NIDS). In this paper, we proposed a novel approach named fuzzyVIDS, which enables dynamic resource provision for NIDS virtual appliance. In fuzzyVIDS, we use fuzzy model to characterize the complex relationship between performance and resource demands and we develop an online fuzzy controller to adaptively control the resource allocation for NIDS under varying network traffic. Our approach has been successfully implemented in the iVIC platform. Finally, we evaluate our approach by comprehensive experiments based on Xen hypervisor and Snort NIDS and the results show that the proposed fuzzy control system can precisely allocate resources for NIDS according to its resource demands, while still satisfying the performance requirements of NIDS.
AB - With the increasing prevalence of virtualization and cloud technologies, virtual security appliances have emerged and become a new way for traditional security appliances to be rapidly distributed and deployed in IT infrastructure. However, virtual security appliances are challenged with achieving optimal performance, as the physical resource is shared by several virtual machines, and this issue is aggravated when virtualizing network intrusion detection systems (NIDS). In this paper, we proposed a novel approach named fuzzyVIDS, which enables dynamic resource provision for NIDS virtual appliance. In fuzzyVIDS, we use fuzzy model to characterize the complex relationship between performance and resource demands and we develop an online fuzzy controller to adaptively control the resource allocation for NIDS under varying network traffic. Our approach has been successfully implemented in the iVIC platform. Finally, we evaluate our approach by comprehensive experiments based on Xen hypervisor and Snort NIDS and the results show that the proposed fuzzy control system can precisely allocate resources for NIDS according to its resource demands, while still satisfying the performance requirements of NIDS.
KW - Network intrusion detection systems
KW - dynamic provision
KW - fuzzy control
KW - virtualization
UR - https://www.scopus.com/pages/publications/77954585497
U2 - 10.1007/978-3-642-13577-4_10
DO - 10.1007/978-3-642-13577-4_10
M3 - 会议稿件
AN - SCOPUS:77954585497
SN - 3642135765
SN - 9783642135767
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 115
EP - 128
BT - Advances in Computer Science and Information Technology - AST/UCMA/ISA/ACN 2010 Conferences, Joint Proceedings
T2 - 2nd International Conference on Advanced Science and Technology
Y2 - 23 June 2010 through 25 June 2010
ER -