Tailoring the Cyber Security Framework: How to Overcome the Complexities of Secure Live Virtual Machine Migration in Cloud Computing

This paper proposes a novel secure live virtual machine migration framework by using a virtual trusted platform module instance to improve the integrity of the migration process from one virtual machine to another on the same platform. The proposed framework, called Kororā, is designed and developed on a public infrastructure-as-a-service cloud-computing environment and runs concurrently on the same hardware components (Input/Output, Central Processing Unit, Memory) and the same hypervisor (Xen); however, a combination of parameters needs to be evaluated before implementing Kororā. The implementation of Kororā is not practically feasible in traditional distributed computing environments. It requires fixed resources with high-performance capabilities, connected through a high-speed, reliable network. The following research objectives were determined to identify the integrity features of live virtual machine migration in the cloud system: To understand the security issues associated with cloud computing, virtual trusted platform modules, virtualization, live virtual machine migration, and hypervisors; To identify the requirements for the proposed framework, including those related to live VM migration among different hypervisors; To design and validate the model, processes, and architectural features of the proposed framework; To propose and implement an end-to-end security architectural blueprint for cloud environments, providing an integrated view of protection mechanisms, and then to validate the proposed framework to improve the integrity of live VM migration. This is followed by a comprehensive review of the evaluation system architecture and the proposed framework state machine. The overarching aim of this paper, therefore, is to present a detailed analysis of the cloud computing security problem, from the perspective of cloud architectures and the cloud service delivery models. Based on this analysis, this study derives a detailed specification of the cloud live virtual machine migration integrity problem and key features that should be covered by the proposed framewor

Cybercrime Detection And Prevention Model By Using SVM

This project aims to propose a cybercrime detection and prevention model by using support vector machine to reduce the damage due to running of malicious code. A cybercrime detection and prevention model uses support vector machines to create a new prevention model,which can run in Weka software to analyze and classify malicious data. The performance of this model will be evaluated by a social network dataset,which includes benign executable and viruses

Kororā: A secure live virtual machine job migration framework for cloud systems integrity

The article introduces an innovative framework called Kororā, which aims to enhance the security and integrity of live virtual machine migration in a public cloud computing environment. The framework incorporates a trusted platform module to ensure the integrity of the migration process. It offers a new approach for virtual machine migration and has been specifically designed and implemented on a public infrastructure-as-a-service cloud platform.The primary research problem identified is the vulnerability of virtual machine instances to attacks during the live migration procedure. The evaluation used involves running the framework simultaneously on the same hardware components (such as I/O, CPU, and memory) and utilizing the same hypervisor's platform (Xen's open-source hypervisor). In addition, the security aspect of live migration is a crucial consideration due to the possibility of security threats across different area: data plane, control plane, and migration plane. Potential attackers may employ both passive and active attack techniques, putting the live migration at risk and resulting in a decline in performance. This poses a significant and alarming risk to the overall platform.To address the research gap, the Kororā framework emerged as a successful approach for achieving control-flow integrity by incorporating the Clark-Wilson security model proved effective in bridging the research gaps while maintaining system integrity. The primary achievement of this research is the introduction of the Kororā framework, which consists of seven agents operating within the Xen-privileged dom0 and establishing communication with the hypervisor. Overall, the finding indicate that the suggested framework offers an effective defence mechanism for moving a virtual machine from one host to another host with minimal disruption to normal operation with enhanced integrity

Cloud Surfing: A General Comparison of Cloud Identity Guidelines

Identity and access management is an essential component to addressing security issues in cloud. Nowadays, private organizations and government agencies at any level spend billions of dollars in an effort to protect user’ identity and digital access while complying with legislation that mandates the implementation of security measures. This paper intends to illuminate and discusses in more detail three legislative acts: ENISA, CSA and NIST. These guidelines address the significant business and technical decisions that need to be considered by an organization seeking to implement Security as a Service, or an organization that is looking for guidance on how to assess an IAM offering. The current paper provides a brief description of all three legislative acts, a high-level comparison of suggested and/or mandated guidelines (highlighting gaps and overlaps) and suggests a possible threshold model that may incorporate security settings that satisfy requirements of all three legislative acts

Taxonomy of malware detection techniques

Malware is an international software disease. Research shows that the effect of malware is becoming chronic. To protect against malware detectors are fundamental to the industry. The effectiveness of such detectors depends on the technology used. Therefore, it is paramount that the advantages and disadvantages of each type of technology are scrutinized analytically. This study’s aim is to scrutinize existing publications on this subject and to follow the trend that has taken place in the advancement and development with reference to the amount of information and sources of such literature. Many of the malware programs are huge and complicated and it is not easy to comprehend the details. Dissemination of malware information among users of the Internet and also training them to correctly use anti-malware products are crucial to protecting users from the malware onslaught. This paper will provide an exhaustive bibliography of methods to assist in combating malware

Effects of software security on software development life cycle and related security issues

Security is a significant issue in the software development life cycle, and may become much more problematic in the future. In the current state there is no simple solution to the software security issue. Moreover, software developers have to be able to deal with huge numbers of defects in software. Security must be integrated into the development process from the beginning and continue through the design process to improve the security of the released software. This paper discusses software security challenges that one might face when developing enterprise software applications. As an essential concept in software engineering, software security is the process of protecting data and resources in order to achieve a more secure and reliable design and implementation. The main contribution of the paper is to present, in a coherent manner, major existing approaches and to emphasize description and method guidelines in particular. Moreover, this paper shows how to plan and conduct software development projects for creating secure and reliable products. Finally, it reviews the software security attribute requirements

Capture the talent : secondary school education with cyber security competition

Recent advances in computing have caused cyber security to become an increasingly critical issue that affects our everyday life. Both young and old in society are exposed to benefits and dangers that accompany technological advance. Cyber security education is a vital part of reducing the risks associated with cyber-threats. This is particularly important for current and future youth, who are the most technology-literate generations. Many research studies and competitions have been undertaken around the world to emphasize and identify the significance of cyber security as a relevant and pressing research area. Cyber security competitions are great means of raising interest in the young generation and attracting them to educational programmes in this area. These competitions show the need for cyber security to be taught as a formal subject in secondary schools to enhance the effectiveness of computer science concepts in cyber space. This paper presents an effective educational approach, justifying such competitions as a means of introducing cyber security as a computer science subject for New Zealand secondary school students, and also presents methods of implementation