Conference Papers
Permanent URI for this collection: https://idr.nitk.ac.in/handle/123456789/28506
6 results
Virtual machine introspection based spurious process detection in virtualized cloud computing environment
(Institute of Electrical and Electronics Engineers Inc., 2015) M.a, M.A.; Jaidhar, C.D.
Virtual Machines are prime target for adversary to take control by exploiting the identified vulnerability present in it. Due to increasing number of Advanced Persistent Attacks such as malware, rootkit, spyware etc., virtual machine protection is highly challenging task. The key element of Advanced Persistent Threat is rootkit that provides stealthy control of underlining Operating System (kernel). Protecting individual guest operating system by using antivirus and commercial security defense mechanism is cost effective and ineffective for virtualized environment. To solve this problem, Virtual Machine Introspection has emerged as one of the promising approaches to secure the state of the virtual machine. Virtual Machine Introspection inspects the state of multiple virtual machines by operating outside the virtual machine i.e. at hypervisor level. In this work, Virtual Machine Introspection based malicious process detection approach is proposed. It extracts the high level information such as system call details, opened known backdoor ports from introspected memory to identify the spurious process. It triggers an alert in response to detected intrusion. © 2015 IEEE.

Comparative study of Principal Component Analysis based Intrusion Detection approach using machine learning algorithms
(Institute of Electrical and Electronics Engineers Inc., 2015) Chabathula, K.J.; Jaidhar, C.D.; M.a, M.A.
This paper induces the prominence of variegated machine learning techniques adapted so far for the identifying different network attacks and suggests a preferable Intrusion Detection System (IDS) with the available system resources while optimizing the speed and accuracy. With booming number of intruders and hackers in today's vast and sophisticated computerized world, it is unceasingly challenging to identify unknown attacks in promising time with no false positive and no false negative. Principal Component Analysis (PCA) curtails the amount of data to be compared by reducing their dimensions prior to classification that results in reduction of detection time. In this paper, PCA is adopted to reduce higher dimension dataset to lower dimension dataset. It is accomplished by converting network packet header fields into a vector then PCA applied over high dimensional dataset to reduce the dimension. The reduced dimension dataset is tested with Support Vector Machines (SVM), K-Nearest Neighbors (KNN), J48 Tree algorithm, Random Forest Tree classification algorithm, Adaboost algorithm, Nearest Neighbors generalized Exemplars algorithm, Naive Bayes probabilistic classifier and Voting Features Interval classification algorithm. Obtained results demonstrate detection accuracy, computational efficiency with minimal false alarms, less system resources utilization. Experimental results are compared with respect to detection rate and detection time and found that TREE classification algorithms achieved superior results over other algorithms. The whole experiment is conducted by using KDD99 data set. © 2015 IEEE.

Hypervisor and virtual machine dependent Intrusion Detection and Prevention System for virtualized cloud environment
(Institute of Electrical and Electronics Engineers Inc., 2015) M.a, M.A.; Jaidhar, C.D.
Cloud Computing enabled by virtualization technology exhibits revolutionary change in IT Infrastructure. Hypervisor is a pillar of virtualization and it allows sharing of resources to virtual machines. Vulnerabilities present in virtual machine leveraged by an attacker to launch the advanced persistent attacks such as stealthy rootkit, Trojan, Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack etc. Virtual Machines are prime target for malignant cloud user or an attacker to launch attacks as they are easily available for rent from Cloud Service Provider (CSP). Attacks on virtual machine can disrupt the normal operation of cloud infrastructure. In order to secure the virtual environment, defence mechanism is highly imperative at each virtual machine to identify the attacks occurring at virtual machine in timely manner. This work proposes In-and-Out-of-the-Box Virtual Machine and Hypervisor based Intrusion Detection and Prevention System for virtualized environment to ensure robust state of the virtual machine by detecting followed by eradicating rootkits as well as other attacks. We conducted experiments using popular open source Host based Intrusion Detection System (HIDS) called Open Source SECurity Event Correlator (OSSEC). Both Linux and Windows based rootkits, DoS attack, Files integrity verification test are conducted and they are successfully detected by OSSEC. © 2015 IEEE.

VMI based automated real-time malware detector for virtualized cloud environment
(Springer Verlag service@springer.de, 2016) M.a, M.A.; Jaidhar, C.D.
The Virtual Machine Introspection (VMI) has evolved as a promising future security solution to perform an indirect investigation of the untrustworthy Guest Virtual Machine (GVM) in real-time by operating at the hypervisor in a virtualized cloud environment. The existing VMI techniques are not intelligent enough to read precisely the manipulated semantic information on their reconstructed high-level semantic view of the live GVM. In this paper, a VMI-based Automated-Internal-External (A-IntExt) system is presented that seamlessly introspects the untrustworthy Windows GVM internal semantic view (i.e. Processes) to detect the hidden, dead, and malicious processes. Further, it checks the detected, hidden as well as running processes (not hidden) as benign or malicious. The prime component of the A-IntExt is the Intelligent Cross-View Analyzer (ICVA), which is responsible for detecting hidden-state information from internally and externally gathered state information of the Monitored Virtual Machine (Med-VM). The A-IntExt is designed, implemented, and evaluated by using publicly available malware and Windows real-world rootkits to measure detection proficiency as well as execution speed. The experimental results demonstrate that A-IntExt is effective in detecting malicious and hidden-state information rapidly with maximum performance overhead of 7.2 %. © Springer International Publishing AG 2016.

Novel fabrication technique for NiTi and TiN micro-structures by femtosecond lasers
(IOP Publishing Ltd custserv@iop.org, 2020) M.a, M.A.; Lakshmi Ganapathi, K.L.; Udayashankar, N.K.; Mohan, S.
NiTi shape memory alloy (SMA) thin films were deposited onto silicon substrate using pulsed DC magnetron sputtering technique. To obtain crystalline NiTi thin films has to be synthesized at higher temperatures (475 - 525) °C. This high temperature requirement restricts the ease in conventional lithographic procedures. The recent advancements in the laser micromachining lend their applications into the fabrication of miniaturized systems. The femtosecond lasers (FSL) allow non-thermal processing of materials by ablation. This work focuses on the deposition and fabrication of NiTi (≈1.5 μm thick) and titanium nitride (TiN ≈0.3 μm thick) thin films based miniaturized systems by femtosecond laser bulk micromachining. The NiTi and TiN microstructures were released by bottom silicon etch using reactive ion etching chlorine chemistry (RIE-Cl). © Published under licence by IOP Publishing Ltd.

Pulse frequency effect on the NiTi plasmas characteristics and thin film properties and fabrication of NiTi micro-comb structures
(Elsevier Ltd, 2022) M.a, M.A.; Sidhila, P.S.; Udayashankar, N.K.
Nickel-titanium (NiTi) is a thermal shape memory alloy (SMA) widely used in the actuator domain in miniaturized systems. With a titanium nitride (TiN) capping layer, NiTi exhibits better mechanical properties and enhances biocompatibility in biomedical applications. In addition, TiN can be efficiently heated to a higher temperature than induce the phase transformation in NiTi MEMS structures. This could be easily achieved by fabricating a TiN heater pattern over or alongside the NiTi MEMS structures. The subject of this work is the NiTi thin films deposited utilizing the pulsed DC magnetron sputter (PDCMS) deposition process at various pulse frequencies (50–350 kHz). The TiN capping layer was also grown on the Si/NiTi stack by the same process. The NiTi micro-comb and TiN micro-heater MEMS structures were fabricated using bulk laser micromachining. Freestanding MEMS structures of NiTi and TiN thin films were realized by etching the bottom silicon with an etch rate of 600 nm/Sec using chemical wet etch by tetramethylammonium hydroxide TMAH. © 2022
