Visualization in Intrusion Detection Systems:A Study on Different Approaches for Cloud Computing Environments

摘要

This article presents an overview of some of the major works that focus on the use of virtualization in intrusion detection systems to protect against threats in cloud computing environments. The elasticity and abundant availability of computational resources are attractive to attackers in order to exploit vulnerabilities of the cloud, and launch attacks against legitimate users to gain access to private and privileged data. To effectively protect the cloud users, an IDS should have the ability to expand, increase or rapidly decrease the quantity of sensors according to the quantity of resources, as well as the ability to isolate access to the system levels and infrastructures. For this purpose, characteristics of virtual machines as quick startup, fast recovery, stop, migration between different hosts and execution across multiple platforms can be exploited in VM-based IDS, making it a great alternative for monitoring intrusions in cloud computing environments.