Because of the growth in cloud computing and manturity of virtualization technology, many enterprises are virtualizing their servers to increase server utilization and lower costs. However, the complex network topology arising from virtualization makes clouds vulnerable, and security breaches have occurred on cloud computing platforms in recent years. Therefore, a comprehensive mechanism for detecting and preventing malicious traffic is necessary. We propose a network intrusion detection system that is based on a virtualization platform. This system, developed from a multipattern based network traffic classifier, collects packets from the virtual network environment and analyzes their content by using deep packet inspection for identifying malicious network traffic and intrusion attempts. We improve the intrusion detection features of the network traffic classifier and deploy it on a Xen virtualization platform. Our system can be combined with the Linux Netfilter framework to monitor inter-virtual-machine communications in the virtualization platform. It efficiently inspects packets and instantly protects the cloud computing environment from malicious traffic.
展开▼
