Autonomous agent-based inspection for inter-VM traffic in a Cloud environment

摘要

Cloud Computing (CC) has generated interest from both industry and academia over these years. As an extension of Grid Computing and Distributed Computing, CC aims to provide users with flexible services in a transparent manner. The distributed implementation of CC creates a suitable environment for easy targets, vulnerable and prone to sophisticated attacks. Commonly virtualization is the most utilized technology to implement a Cloud environment with a massive multi-tenancy usage, opening a door to a whole other level of security issues. This creates new targets for intrusion due to the complexity of access and difficulty in monitoring all interconnection points between systems, applications, and data sets. This raises many questions about the appropriate infrastructure, processes, and strategy for enacting detection and response to intrusion in a Cloud environment. This article discusses the security and the visibility issues of inter-VM traffic and solutions for it within a Cloud environment context, by proposing an approach relying on distributed intrusion detection technique and packet inspection.