Monitoring and Detecting Abnormal Behavior in Mobile Cloud Infrastructure
Monitoring and Detecting Abnormal Behavior in Mobile
Cloud Infrastructure
ABSTRACT
Recently, several mobile services are changing to cloud-based mobile services with richer communications and higher flexibility. We present a new mobile cloud infrastructure that combines mobile devices and cloud services. This new infrastructure provides virtual mobile instances through cloud computing. To commercialize new services with this infrastructure, service providers should be aware of security issues. Here, we first define new mobile cloud services through mobile cloud infrastructure and discuss possible security threats through the use of several service scenarios. Then, we propose a methodology and architecture for detecting abnormal behavior through the monitoring of both host and network data. To validate our methodology, we injected malicious programs into our mobile cloud test bed and used a machine learning algorithm to detect the abnormal behavior that arose from these programs.
Existing System
On such normal mobile devices, most current vaccine applications detect malware through a signature-based method. Signature-based methods can detect malware in a short space of time with high accuracy, but they cannot detect new malware whose signature is unknown or has been modified. If mobile cloud services are provided, much more malicious applications may appear including new and modified malware. Therefore vaccine applications cannot detect and prohibit them with only signature-based method in the future. Moreover, mobile cloud infrastructure supports a huge number of virtual mobile instances. When a malware is compromised on a virtual mobile instance, it can be delivered to other virtual mobile instances in the same mobile cloud infrastructure. Without monitoring the network behavior in mobile cloud infrastructure, the malware will spread over the entire infrastructure.
Algorithm:
Random
Cloud Infrastructure
ABSTRACT
Recently, several mobile services are changing to cloud-based mobile services with richer communications and higher flexibility. We present a new mobile cloud infrastructure that combines mobile devices and cloud services. This new infrastructure provides virtual mobile instances through cloud computing. To commercialize new services with this infrastructure, service providers should be aware of security issues. Here, we first define new mobile cloud services through mobile cloud infrastructure and discuss possible security threats through the use of several service scenarios. Then, we propose a methodology and architecture for detecting abnormal behavior through the monitoring of both host and network data. To validate our methodology, we injected malicious programs into our mobile cloud test bed and used a machine learning algorithm to detect the abnormal behavior that arose from these programs.
Existing System
On such normal mobile devices, most current vaccine applications detect malware through a signature-based method. Signature-based methods can detect malware in a short space of time with high accuracy, but they cannot detect new malware whose signature is unknown or has been modified. If mobile cloud services are provided, much more malicious applications may appear including new and modified malware. Therefore vaccine applications cannot detect and prohibit them with only signature-based method in the future. Moreover, mobile cloud infrastructure supports a huge number of virtual mobile instances. When a malware is compromised on a virtual mobile instance, it can be delivered to other virtual mobile instances in the same mobile cloud infrastructure. Without monitoring the network behavior in mobile cloud infrastructure, the malware will spread over the entire infrastructure.
Algorithm:
Random