• P-ISSN 0974-6846 E-ISSN 0974-5645

Indian Journal of Science and Technology

Article

Securing Hypervisors in Cloud Computing Environments against Malware Injection
  • VIEWS 278
  • PDF 71

Indian Journal of Science and Technology

DOI: 10.17485/IJST/v16i39.1913

Year: 2023, Volume: 16, Issue: 39, Pages: 3386-3393

Original Article

Securing Hypervisors in Cloud Computing Environments against Malware Injection

Mohammed Al Qurashi1*

1Computer science department, Al - Baha university, Al Baha, Saudi Arabia

*Corresponding Author
Email: [email protected]

Received Date:29 July 2023, Accepted Date:19 September 2023, Published Date:25 October 2023

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Abstract

Objectives: The primary objectives of this research are to address the security concerns related to cloud computing, emphasising attacks that target different hypervisor layers. The goal is to propose a revolutionary approach called "hGuard," that provides a thorough protection mechanism against malware attacks across several hypervisor levels. Additionally, the research aims to establish this method's ability to improve cybersecurity in cloud systems and show its efficacy through practical studies. Methods: The study combines theoretical analysis with actual experimentation to accomplish its objectives. The "hGuard" approach that is being proposed was developed to defend against attacks on several hypervisor levels. The strategy produces an output that the data mining algorithm, such as  Apriori uses to predict potential attacks. Through this association, it is now possible to simultaneously anticipate and stop malware injection attempts at various hypervisor layers. Empirical tests that simulate attacks and examine real-world situations provide quantitative information on the method's performance. Findings: The "hGuard" approach achieves a 95% detection accuracy for identifying malware injection attacks, with a 3% false positive rate for minimal misclassifications of non-attacks. It also demonstrates an 5% false negative rate, reducing errors in categorizing actual attacks. Additionally, the approach boasts an efficient 20 ms execution time, ensuring rapid processing and prediction of potential attacks. Novelty: The novelty of this research lies in the development of the "hGuard" method, which addresses a crucial gap in existing security approaches. Unlike conventional methods that tackle hypervisor levels individually, the proposed approach offers a holistic defense mechanism capable of countering malware attacks targeting multiple levels simultaneously. The integration of the Apriori technique for attack prediction further enhances its novelty by providing a data-driven approach to proactive cybersecurity. The empirical validation of the method's effectiveness contributes to its novelty, showcasing its potential as a valuable tool for detecting and preventing malware attacks in cloud computing. Furthermore, the research suggests avenues for extending the application of the "hGuard" method to other domains within the realm of cybersecurity.

Keywords: Cloud Computing, Cloud Security, Hypervisors, Virtual Machines, Malware Attacks

References

  2. Tabrizchi H, Rafsanjani MK. A survey on security challenges in cloud computing: issues, threats, and solutions. The Journal of Supercomputing. 2020;76(12):9493–9532. Available from: https://link.springer.com/article/10.1007/s11227-020-03213-1
  3. Khan NA, Qurashi MA. Security Tradeoff in Network Virtualization and Their Countermeasures. In: Inventive Computation and Information Technologies. (pp. 741-749) Springer Nature Singapore. 2023.
  4. Gupta B, Mishra N. Optimized deep learning‐based attack detection framework for secure virtualized infrastructures in cloud. International Journal of Numerical Modelling: Electronic Networks, Devices and Fields. 2022;35(1):2945. Available from: https://onlinelibrary.wiley.com/doi/full/10.1002/jnm.2945
  5. Lin K, Liu W, Zhang K, Xia H, Tu B. HyperKRP: A Kernel Runtime Security Architecture with A Tiny Hypervisor on Commodity Hardware. 2021 IEEE Global Communications Conference (GLOBECOM). 2021;p. 1–6. Available from: https://ieeexplore.ieee.org/abstract/document/9685552
  6. Bhardwaj A, Kaushik K, Dagar V, Kumar M. Framework to measure and reduce the threat surface area for smart home devices. Advances in Computational Intelligence. 2023;3(4):16. Available from: https://link.springer.com/article/10.1007/s43674-023-00062-2
  7. Alqarni AA, Alsharif N, Khan NA, Georgieva L, Pardade E, Alzahrani MY, et al. Modular Neural Network Based Approach for XSS Attack Detection. 2022. Available from: https://www.techscience.com/cmc/v70n2/44704/pdf
  9. Aalam Z, Kumar V, Gour S. A review paper on hypervisor and virtual machine security. InJournal of Physics: Conference Series. 2021;1950:12027. Available from: https://iopscience.iop.org/article/10.1088/1742-6596/1950/1/012027/meta
  10. Fischer A, Kittel T, Kolosnjaji B, Lengyel TK, Mandarawi W, Meer HD, et al. CloudIDEA: A Malware Defense Architecture for Cloud Data Centers. In: Lecture Notes in Computer Science. (pp. 594-611) Springer International Publishing. 2015.
  11. Liakos KG, Georgakilas GK, Moustakidis S, Sklavos N, Plessas FC. Conventional and machine learning approaches as countermeasures against hardware trojan attacks. Microprocessors and Microsystems. 2020;79:103295. Available from: https://www.sciencedirect.com/science/article/abs/pii/S0141933120304543
  12. Khan NA, Network. 5G Network: techniques to Increase Quality of Service and Quality of Experience. International Journal of Computer Networks and Applications. 2022;9(4):476. Available from: https://www.ijcna.org/Manuscripts/IJCNA-2022-O-39.pdf
  13. Anwar RW, Abdullah T, Pastore F. Firewall Best Practices for Securing Smart Healthcare Environment: A Review. Applied Sciences. 2021;11(19):9183. Available from: https://www.mdpi.com/2076-3417/11/19/9183
  14. Soleymanpour S, Sadr H, Soleimandarabi MN. CSCNN: Cost-Sensitive Convolutional Neural Network for Encrypted Traffic Classification. Neural Processing Letters. 2021;53(5):3497–3523. Available from: https://link.springer.com/article/10.1007/s11063-021-10534-6
  15. Bacs A, Giuffrida C, Grill B, Bos H. Slick: an intrusion detection system for virtualized storage devices. InProceedings of the 31st Annual ACM Symposium on Applied Computing. 2016;p. 2033–2040. Available from: https://research.vu.nl/en/publications/slick-an-intrusion-detection-system-for-virtualized-storage-devic
  16. Alshehri A, Khan N, Alowayr A, Alghamdi MY. Cyberattack Detection Framework Using Machine Learning and User Behavior Analytics. Computer Systems Science and Engineering. 2023;44(2):1679–1689. Available from: https://www.techscience.com/csse/v44n2/48277
  17. Khan NA, Khan AS, Kar HA, Ahmad Z, Tarmizi S, Julaihi AA. Employing Public Key Infrastructure to Encapsulate Messages During Transport Layer Security Handshake Procedure. 2022 Applied Informatics International Conference (AiIC). 2022;p. 126–130. Available from: https://ieeexplore.ieee.org/document/9914605

Copyright

© 2023 Qurashi. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. Published By Indian Society for Education and Environment (iSee)

  • 25 October 2023

Year: 2023, Volume: 16, Issue: 39

Article Metrics


Post Graduate Fellowship in Research Communication

More articles

DON'T MISS OUT!

Subscribe now for latest articles and news.