dc.contributor.author: Li, Bo
dc.contributor.author: Li, Jianxin
dc.contributor.author: Liu, Lu
dc.date.accessioned: 2016-11-16T18:26:03Z
dc.date.available: 2016-11-16T18:26:03Z
dc.date.issued: 2015-06-10
dc.identifier.citation: Bo, L. et al. (2015) 'CloudMon: a resource-efficient IaaS cloud monitoring system based on networked intrusion detection system virtual appliances', Concurrency and Computation: Practice and Experience, 27 (8):1861 [en]
dc.identifier.issn: 15320626
dc.identifier.doi: 10.1002/cpe.3166
dc.identifier.uri: http://hdl.handle.net/10545/620878
dc.description.abstract: The networked intrusion detection system virtual appliance (NIDS-VA), also known as virtualized NIDS, plays an important role in the protection and safeguard of IaaS cloud environments. However, it is nontrivial to guarantee both of the performance of NIDS-VA and the resource efficiency of cloud applications because both are sharing computing resources in the same cloud environment. To overcome this challenge and trade-off, we propose a novel system, named CloudMon, which enables dynamic resource provision and live placement for NIDS-VAs in IaaS cloud environments. CloudMon provides two techniques to maintain high resource efficiency of IaaS cloud environments without degrading the performance of NIDS-VAs and other virtual machines (VMs). The first technique is a virtual machine monitor based resource provision mechanism, which can minimize the resource usage of a NIDS-VA with given performance guarantee. It uses a fuzzy model to characterize the complex relationship between performance and resource demands of a NIDS-VA and develops an online fuzzy controller to adaptively control the resource allocation for NIDS-VAs under varying network traffic. The second one is a global resource scheduling approach for optimizing the resource efficiency of the entire cloud environments. It leverages VM migration to dynamically place NIDS-VAs and VMs. An online VM mapping algorithm is designed to maximize the resource utilization of the entire cloud environment. Our virtual machine monitor based resource provision mechanism has been evaluated by conducting comprehensive experiments based on Xen hypervisor and Snort NIDS in a real cloud environment. The results show that the proposed mechanism can allocate resources for a NIDS-VA on demand while still satisfying its performance requirements. We also verify the effectiveness of our global resource scheduling approach by comparing it with two classic vector packing algorithms, and the results show that our approach improved the resource utilization of cloud environments and reduced the number of in-use NIDS-VAs and physical hosts.
dc.description.sponsorship: The authors gratefully acknowledge the anonymous reviewers for their helpful suggestions and insightful comments to improve the quality of the paper. The work reported in this paper has been partially supported by National Nature Science Foundation of China (No. 61202424, 61272165, 91118008), China 863 program (No. 2011AA01A202), Natural Science Foundation of Jiangsu Province of China (BK20130528) and China 973 Fundamental R&D Program (2011CB302600). [en]
dc.language.iso: en [en]
dc.publisher: Wiley [en]
dc.relation.url: http://doi.wiley.com/10.1002/cpe.3166 [en]
dc.rights: Archived with thanks to Concurrency and Computation: Practice and Experience [en]
dc.rights.uri: http://creativecommons.org/licenses/by-nc-nd/4.0/ [en]
dc.subject: Cloud environments [en]
dc.subject: NIDS virtual appliance [en]
dc.subject: Fuzzy control [en]
dc.subject: Resource management [en]
dc.subject: Dynamic provision [en]
dc.title: CloudMon: a resource-efficient IaaS cloud monitoring system based on networked intrusion detection system virtual appliances [en]
dc.type: Article [en]
dc.contributor.department: University of Derby [en]
dc.identifier.journal: Concurrency and Computation: Practice and Experience [en]
dc.contributor.institution: State Key Laboratory of Software Development Environment; Beihang University; Beijing China
dc.contributor.institution: State Key Laboratory of Software Development Environment; Beihang University; Beijing China
dc.contributor.institution: School of Computing and Mathematics; University of Derby; Derby UK
refterms.dateFOA: 2019-02-28T14:56:06Z


Files in this item

Name: CloudMon.pdf
Size: 888.5Kb
Format: PDF
Description: Post-print

Except where otherwise noted, this item's license is described as Archived with thanks to Concurrency and Computation: Practice and Experience